Alternatives and similar repositories for semgrep

Users that are interested in semgrep are comparing it to the libraries listed below

• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆31,602Updated this week
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆8,331Updated this week
• getsops / sops
  Simple and flexible tool for managing secrets
  ☆20,671Updated last week
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆11,469Updated this week
• dstotijn / hetty
  An HTTP toolkit for security research.
  ☆9,278Updated last year
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,924Updated this week
• github / codeql
  CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
  ☆9,216Updated this week
• reviewdog / reviewdog
  🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
  ☆9,056Updated this week
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆8,416Updated this week
• tomnomnom / gron
  Make JSON greppable!
  ☆14,363Updated 8 months ago
• wader / fq
  jq for binary formats - tool, language and decoders for working with binary and text formats
  ☆10,410Updated this week
• Wilfred / difftastic
  a structural diff that understands syntax 🟥🟩
  ☆24,062Updated last week
• Yelp / detect-secrets
  An enterprise friendly way of detecting and preventing secrets in code.
  ☆4,412Updated 10 months ago
• earthly / earthly
  Super simple build framework with fast, repeatable builds and an instantly familiar syntax – like Dockerfile and Makefile had a baby.
  ☆11,973Updated 3 months ago
• securego / gosec
  Go security checker
  ☆8,651Updated this week
• comby-tools / comby
  A code rewrite tool for structural search and replace that supports ~every language.
  ☆2,599Updated 5 months ago
• google / osv.dev
  Open source vulnerability DB and triage service.
  ☆2,475Updated this week
• gitleaks / gitleaks
  Find secrets with Gitleaks 🔑
  ☆24,786Updated last month
• dolthub / dolt
  Dolt – Git for Data
  ☆19,684Updated last week
• dependency-check / DependencyCheck
  OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen…
  ☆7,423Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,407Updated this week
• Orange-OpenSource / hurl
  Hurl, run and test HTTP requests with plain text.
  ☆18,472Updated this week
• microsoft / restler-fuzzer
  RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…
  ☆2,867Updated 3 weeks ago
• ast-grep / ast-grep
  ⚡A CLI tool for code structural search, lint and rewriting. Written in Rust
  ☆12,363Updated this week
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆1,072Updated this week
• FiloSottile / age
  A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
  ☆21,179Updated last week
• pulumi / pulumi
  Pulumi - Infrastructure as Code in any programming language 🚀
  ☆24,638Updated this week
• analysis-tools-dev / static-analysis
  ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The foc…
  ☆14,367Updated 2 weeks ago
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,262Updated this week
• bottlerocket-os / bottlerocket
  An operating system designed for hosting containers
  ☆9,527Updated last week