semgrep / semgrepLinks
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
β11,851Updated this week
Alternatives and similar repositories for semgrep
Users that are interested in semgrep are comparing it to the libraries listed below
Sorting:
- Find secrets with Gitleaks πβ20,266Updated last week
- Find, verify, and analyze leaked credentialsβ19,562Updated this week
- βοΈ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focβ¦β13,881Updated last month
- Vulnerability scanner written in Go which uses the data provided by https://osv.devβ7,487Updated this week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enablβ¦β23,725Updated this week
- a structural diff that understands syntax π₯π©β22,420Updated this week
- An HTTP toolkit for security research.β6,980Updated 4 months ago
- Fast web fuzzer written in Goβ14,149Updated last month
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.β3,899Updated 3 months ago
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.β8,608Updated this week
- jq for binary formats - tool, language and decoders for working with binary and text formatsβ10,138Updated last week
- OpenSSF Scorecard - Security health metrics for Open Sourceβ4,931Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and moreβ27,215Updated this week
- A syntax-highlighting pager for git, diff, grep, and blame outputβ26,507Updated last month
- A command-line benchmarking toolβ25,394Updated last month
- A fast, simple, recursive content discovery tool written in Rust.β6,689Updated 2 months ago
- A pretty sweet vulnerability scannerβ4,135Updated 8 months ago
- Fast passive subdomain enumeration tool.β11,830Updated this week
- Community curated list of templates for the nuclei engine to find security vulnerabilities.β10,330Updated this week
- An enterprise friendly way of detecting and preventing secrets in code.β4,117Updated 3 months ago
- β¨ Magical shell historyβ24,522Updated last week
- π€ The Modern Port Scanner π€β16,715Updated last week
- Dolt β Git for Dataβ18,750Updated this week
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web applicationβ4,763Updated 6 months ago
- A command-line hex viewerβ9,663Updated last week
- Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sockβ6,924Updated last year
- Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.β1,967Updated last week
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ5,927Updated last month
- Open source vulnerability DB and triage service.β1,902Updated this week
- A next-generation crawling and spidering framework.β13,827Updated last week