Alternatives and similar repositories for semgrep-vscode:

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆40Updated this week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated 11 months ago
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆113Updated this week
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆81Updated 8 months ago
• usnistgov / swid-tools
  ☆13Updated 5 months ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆111Updated 3 weeks ago
• LLNL / Surfactant
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆27Updated this week
• advanced-security / codeql-bundle-action
  Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
  ☆25Updated 10 months ago
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 3 months ago
• microsoft / sarif-web-component
  A React-based component for viewing SARIF files.
  ☆91Updated 4 months ago
• ossf / osv-schema
  Open Source Vulnerability schema.
  ☆197Updated last week
• Checkmarx / chainjacking
  Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
  ☆58Updated 2 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆44Updated last year
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆178Updated 2 weeks ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆77Updated 3 months ago
• ShiftLeftSecurity / scan-docs
  ☆28Updated 2 years ago
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆40Updated last year
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆43Updated 11 months ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆141Updated last year
• apiiro / combobulator
  Dependency Combobulator
  ☆93Updated last year
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆37Updated 3 years ago
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆104Updated 2 months ago
• jtmelton / semgrep-idea-plugin
  ☆17Updated last year
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆220Updated 10 months ago
• trailofbits / it-depends
  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…
  ☆351Updated 3 months ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆115Updated last year
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆23Updated 8 months ago
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆14Updated 2 years ago
• KaanSK / go-epss
  A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).
  ☆27Updated last month
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆22Updated 2 weeks ago