Alternatives and similar repositories for semgrep-vscode

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆41Updated this week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated last year
• ShiftLeftSecurity / scan-docs
  ☆28Updated 2 years ago
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 5 months ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆86Updated 10 months ago
• trailofbits / testing-handbook
  Trail of Bits Testing Handbook
  ☆74Updated last week
• vwt-digital / openapi3-fuzzer
  Simple fuzzer for OpenAPI 3 specification based APIs
  ☆22Updated 2 years ago
• kondukto-io / semgrep-rules
  Custom semgrep rules registry
  ☆12Updated 2 years ago
• hmrc / security-git-hooks
  ☆19Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆115Updated last month
• SasanLabs / owasp-zap-jwt-addon
  OWASP ZAP addon for finding vulnerabilities in JWT Implementations
  ☆32Updated 3 months ago
• picatz / randomua
  A command-line application to generate random user agent strings.
  ☆17Updated 5 years ago
• oxsecurity / codetotal
  Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code securi…
  ☆76Updated 9 months ago
• AppThreat / atom
  atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
  ☆65Updated this week
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆104Updated last year
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆57Updated this week
• kaakaww / javaspringvulny
  javaspringvulny - a Spring Boot web application built wrong on purpose
  ☆19Updated last month
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆65Updated 2 weeks ago
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆23Updated last month
• htrgouvea / zarn
  A lightweight static security analysis tool for modern Perl Apps
  ☆49Updated this week
• pry0cc / jf
  A wrapper around jq, to help you parse jq output!
  ☆30Updated 4 years ago
• LLNL / Surfactant
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆31Updated this week
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• ochronasec / ochrona-cli
  A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
  ☆51Updated 2 years ago
• opengrep / opengrep-rules
  ☆68Updated 4 months ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 7 months ago
• snyk-labs / snync
  Mitigate security concerns of Dependency Confusion supply chain security risks
  ☆47Updated 2 years ago
• KaanSK / go-epss
  A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).
  ☆28Updated 3 months ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated 2 months ago
• shivasurya / code-pathfinder
  Code Pathfinder, the open-source alternative to GitHub CodeQL built with GoLang. Built for advanced structural search, derive insights, f…
  ☆60Updated this week