Alternatives and similar repositories for semgrep-vscode

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆46Updated this week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆74Updated last year
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆131Updated last week
• Vulnogram / Vulnogram
  Vulnogram is the tool for reserving, managing, and publishing CVEs. Get started at vulnogram.org or deploy Docker edition for full enterp…
  ☆209Updated this week
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆40Updated 4 years ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 3 weeks ago
• ShiftLeftSecurity / scan-docs
  ☆27Updated 3 years ago
• JosephTLucas / lintML
  A security-first linter for code that shouldn't need linting
  ☆16Updated 2 years ago
• Checkmarx / chainjacking
  Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
  ☆61Updated 3 years ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆90Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆122Updated last week
• LLNL / Surfactant
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆36Updated this week
• DefectDojo / godojo
  Golang installer for DefectDojo
  ☆29Updated 10 months ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆67Updated 5 months ago
• whoisxmlapi / bestwhois
  A command-line whois - like client for the WHOIS and WHOIS History APIs by WhoisXML API Inc.
  ☆19Updated 3 years ago
• protectai / nbdefense
  Secure Jupyter Notebooks and Experimentation Environment
  ☆84Updated 9 months ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆120Updated 2 years ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated 8 months ago
• VerSprite / fork-community
  Fork Threat Modeling Platform - Community
  ☆27Updated last month
• apiiro / combobulator
  Dependency Combobulator
  ☆93Updated last year
• nccgroup / ccs
  ☆114Updated 2 years ago
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆188Updated 2 weeks ago
• cytix-software / AppSec-Detection-Framework
  A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit…
  ☆32Updated last week
• fabric8-analytics / cvedb
  CVE database
  ☆21Updated 5 years ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆23Updated this week
• anchore / grype-db
  ☆54Updated this week
• strikergoutham / Anti-Takeover
  Anti-Takeover is a sub domain monitoring tool for (blue/purple) team / internal security team which uses cloud flare. Currently Anti-Take…
  ☆12Updated 5 years ago
• yahoo / SubdomainSleuth
  Scanner to identify dangling DNS records and subdomain takeovers
  ☆50Updated last year
• picatz / randomua
  A command-line application to generate random user agent strings.
  ☆17Updated 5 years ago
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆133Updated 3 months ago