Alternatives and similar repositories for semgrep-vscode

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆41Updated last week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆117Updated 2 weeks ago
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 6 months ago
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆43Updated last year
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆87Updated 11 months ago
• ochronasec / ochrona-cli
  A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
  ☆51Updated 2 years ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 3 weeks ago
• picatz / randomua
  A command-line application to generate random user agent strings.
  ☆17Updated 5 years ago
• snyk-labs / snync
  Mitigate security concerns of Dependency Confusion supply chain security risks
  ☆47Updated 2 years ago
• ShiftLeftSecurity / scan-docs
  ☆28Updated 2 years ago
• pry0cc / jf
  A wrapper around jq, to help you parse jq output!
  ☆30Updated 4 years ago
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆113Updated last month
• PortSwigger / bseept
  Burp Suite DAST Power Tools
  ☆18Updated last month
• usnistgov / swid-tools
  ☆13Updated last week
• vwt-digital / openapi3-fuzzer
  Simple fuzzer for OpenAPI 3 specification based APIs
  ☆22Updated 2 years ago
• ligurio / semgrep-rules
  semgrep rules for flakiness, missed error handling, Lua antipatterns and pitfalls.
  ☆14Updated 7 months ago
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆51Updated last year
• pan-net-security / artifactory-pypi-scanner
  Saves you from Python supply chain attack!
  ☆13Updated 4 years ago
• intruder-io / param-miner
  Fork of https://github.com/PortSwigger/param-miner for header smuggling research
  ☆12Updated 3 years ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆23Updated 3 weeks ago
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• projectdiscovery / subfinder-action
  Fast and passive subdomain enumeration.
  ☆17Updated 3 years ago
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆57Updated 3 weeks ago
• Threagile / run-threagile-action
  GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
  ☆13Updated last year
• trailofbits / testing-handbook
  Trail of Bits Testing Handbook
  ☆76Updated 2 weeks ago
• jtmelton / semgrep-idea-plugin
  ☆16Updated last year
• projectdiscovery / naabu-action
  A fast port scanner written in go with a focus on reliability and simplicity.
  ☆16Updated 8 months ago
• semgrep / mcp
  A MCP server for using Semgrep to scan code for security vulnerabilities.
  ☆203Updated this week