semgrep / semgrepLinks
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
☆11,947Updated this week
Alternatives and similar repositories for semgrep
Users that are interested in semgrep are comparing it to the libraries listed below
Sorting:
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security☆8,464Updated this week
- jq for binary formats - tool, language and decoders for working with binary and text formats☆10,158Updated 2 weeks ago
- OpenSSF Scorecard - Security health metrics for Open Source☆4,951Updated this week
- Find secrets with Gitleaks 🔑☆20,914Updated 2 weeks ago
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆27,276Updated this week
- a structural diff that understands syntax 🟥🟩☆22,440Updated last week
- OSS-Fuzz - continuous fuzzing for open source software.☆11,110Updated this week
- Find, verify, and analyze leaked credentials☆19,607Updated last week
- A command-line benchmarking tool☆25,453Updated last month
- A vulnerability scanner for container images and filesystems☆10,043Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆7,240Updated this week
- Vulnerability Static Analysis for Containers☆10,674Updated last week
- Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices☆11,651Updated this week
- Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it …☆21,863Updated last week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆7,498Updated this week
- An enterprise friendly way of detecting and preventing secrets in code.☆4,115Updated 3 months ago
- An HTTP toolkit for security research.☆6,993Updated 4 months ago
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆5,159Updated this week
- Render markdown on the CLI, with pizzazz! 💅🏻☆18,229Updated last week
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.☆3,900Updated 4 months ago
- A static analysis tool for securing Go code☆2,177Updated last year
- Simple and flexible tool for managing secrets☆18,766Updated last week
- rga: ripgrep, but also search in PDFs, E-Books, Office documents, zip, tar.gz, etc.☆8,893Updated last month
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆928Updated this week
- Dockerfile linter, validate inline bash, written in Haskell☆11,294Updated 3 months ago
- Make JSON greppable!☆14,108Updated last month
- ShellCheck, a static analysis tool for shell scripts☆37,594Updated last month
- ✨ Magical shell history☆24,749Updated last week
- Hurl, run and test HTTP requests with plain text.☆16,274Updated this week
- Like jq, but for HTML.☆7,307Updated last year