patched-codes / semgrep-rules
A collection of permissively licensed Semgrep rules.
★12 · Updated last year
Alternatives and similar repositories for semgrep-rules
Users who are interested in semgrep-rules are comparing it to the libraries listed below.
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ★40 · Updated 8 months ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio ★123 · Updated 5 months ago
- Manager of third-party sources of Semgrep rules ★87 · Updated last year
- ★81 · Updated 6 months ago
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h… ★38 · Updated 5 months ago
- Data about all known supply-chain attacks through history ★58 · Updated 2 months ago
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P… ★111 · Updated 2 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ★66 · Updated last month
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen. ★71 · Updated last week
- Security tool against dependency typosquatting attacks ★53 · Updated last week
- A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP se… ★71 · Updated 2 months ago
- FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries. ★56 · Updated 2 months ago
- ★71 · Updated last week
- ★112 · Updated 2 years ago
- Unauthenticated enumeration of AWS IAM Roles. ★25 · Updated 7 months ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data ★28 · Updated last year
- Semgrep-based Policy Controller for Kubernetes ★47 · Updated 4 months ago
- A project to visualize the software supply chain ★52 · Updated last year
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories. ★35 · Updated 7 months ago
- A GitHub action that leverages fabric patterns through an agent-based approach ★30 · Updated 7 months ago
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs ★73 · Updated last year
- Secure Code Review AI Agent (SeCoRA) - AI SAST ★48 · Updated 6 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… ★124 · Updated last week
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and… ★152 · Updated 8 months ago
- A cutting edge context aware GraphQL API fuzzing tool! ★143 · Updated 2 weeks ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects ★90 · Updated 3 months ago
- The security workflow engine! ★119 · Updated this week
- Deptective automatically determines the native dependencies required to run any arbitrary program or command. ★113 · Updated this week
- Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams ★51 · Updated last week
- HashiCorp-relevant rules for the Semgrep code analysis tool ★41 · Updated last year