patched-codes / semgrep-rulesLinks
A collection of permissively licensed Semgrep rules.
☆19Updated last year
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below
Sorting:
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h…☆55Updated 9 months ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆41Updated 11 months ago
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆78Updated this week
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆129Updated 9 months ago
- Manager of third-party sources of Semgrep rules 🗂☆90Updated last year
- Data about all known supply-chain attacks through history☆62Updated 6 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…☆131Updated last week
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru…☆83Updated last week
- Semgrep-based Policy Controller for Kubernetes☆47Updated 8 months ago
- Pentester-focused Docker registry tool to enumerate and pull images☆37Updated last month
- Security tool against dependency typosquatting attacks☆54Updated last week
- A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP se…☆110Updated this week
- Repository containing source code of MixewayFlow service that is Swiss army knife for DevSecOps Teams☆77Updated last week
- A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or art…☆69Updated last week
- ☆74Updated last month
- Unauthenticated enumeration of AWS IAM Roles.☆26Updated 3 months ago
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…☆132Updated 6 months ago
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆73Updated last year
- MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, an…☆86Updated last month
- ☆114Updated 2 years ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Updated 2 years ago
- ☆85Updated last month
- A flexible framework for security teams to build and deploy AI-powered workflows that complement their existing security operations.☆144Updated last week
- Deptective automatically determines the native dependencies required to run any arbitrary program or command.☆126Updated this week
- A comprehensive list of software composition analysis tools.☆156Updated last month
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆23Updated 4 years ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆155Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆67Updated 5 months ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects☆98Updated last month
- 💅🏽 analyzes your github actions☆97Updated 2 months ago