Alternatives and similar repositories for semgrep

Users that are interested in semgrep are comparing it to the libraries listed below

• github / codeql
  CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
  ☆8,464Updated this week
• wader / fq
  jq for binary formats - tool, language and decoders for working with binary and text formats
  ☆10,158Updated 2 weeks ago
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆4,951Updated this week
• gitleaks / gitleaks
  Find secrets with Gitleaks 🔑
  ☆20,914Updated 2 weeks ago
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆27,276Updated this week
• Wilfred / difftastic
  a structural diff that understands syntax 🟥🟩
  ☆22,440Updated last week
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,110Updated this week
• trufflesecurity / trufflehog
  Find, verify, and analyze leaked credentials
  ☆19,607Updated last week
• sharkdp / hyperfine
  A command-line benchmarking tool
  ☆25,453Updated last month
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆10,043Updated this week
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆7,240Updated this week
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,674Updated last week
• future-architect / vuls
  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
  ☆11,651Updated this week
• slimtoolkit / slim
  Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it …
  ☆21,863Updated last week
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆7,498Updated this week
• Yelp / detect-secrets
  An enterprise friendly way of detecting and preventing secrets in code.
  ☆4,115Updated 3 months ago
• dstotijn / hetty
  An HTTP toolkit for security research.
  ☆6,993Updated 4 months ago
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,159Updated this week
• charmbracelet / glow
  Render markdown on the CLI, with pizzazz! 💅🏻
  ☆18,229Updated last week
• eth0izzle / shhgit
  Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
  ☆3,900Updated 4 months ago
• praetorian-inc / gokart
  A static analysis tool for securing Go code
  ☆2,177Updated last year
• getsops / sops
  Simple and flexible tool for managing secrets
  ☆18,766Updated last week
• phiresky / ripgrep-all
  rga: ripgrep, but also search in PDFs, E-Books, Office documents, zip, tar.gz, etc.
  ☆8,893Updated last month
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆928Updated this week
• hadolint / hadolint
  Dockerfile linter, validate inline bash, written in Haskell
  ☆11,294Updated 3 months ago
• tomnomnom / gron
  Make JSON greppable!
  ☆14,108Updated last month
• koalaman / shellcheck
  ShellCheck, a static analysis tool for shell scripts
  ☆37,594Updated last month
• atuinsh / atuin
  ✨ Magical shell history
  ☆24,749Updated last week
• Orange-OpenSource / hurl
  Hurl, run and test HTTP requests with plain text.
  ☆16,274Updated this week
• mgdm / htmlq
  Like jq, but for HTML.
  ☆7,307Updated last year