Alternatives and similar repositories for semgrep-vscode

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆44Updated last week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆74Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆122Updated 2 months ago
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆128Updated last month
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆128Updated 2 months ago
• Checkmarx / chainjacking
  Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
  ☆59Updated 3 years ago
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆187Updated 2 weeks ago
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆40Updated 3 years ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆89Updated last year
• Vulnogram / Vulnogram
  Vulnogram is a tool for creating and editing CVE information in CVE JSON format
  ☆203Updated this week
• DefectDojo / godojo
  Golang installer for DefectDojo
  ☆29Updated 8 months ago
• ShiftLeftSecurity / scan-docs
  ☆27Updated 3 years ago
• apiiro / combobulator
  Dependency Combobulator
  ☆93Updated last year
• trailofbits / deptective
  Deptective automatically determines the native dependencies required to run any arbitrary program or command.
  ☆121Updated last month
• owasp-dep-scan / depscan-bin
  Binary builds for dep-scan - The Dependency Scanner
  ☆10Updated last year
• ptdropper / CVE-Scanner-for-your-SW-BOM
  CVE Vulnerability scanner of your software bill of materials (SBOM). ASCII text input.
  ☆17Updated 4 years ago
• microsoft / sarif-web-component
  A React-based component for viewing SARIF files.
  ☆98Updated 11 months ago
• LLNL / Surfactant
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆36Updated this week
• kannkyo / epss-api
  EPSS(Exploit Prediction Scoring System) API client
  ☆19Updated this week
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆119Updated last year
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated last month
• disclose / dioterms
  Open-source vulnerability disclosure policy templates.
  ☆68Updated 3 years ago
• jgamblin / monthlyCVEStats
  Monthly CVE Stats
  ☆43Updated 2 weeks ago
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆227Updated last year
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆69Updated 2 weeks ago
• anchore / grype-db
  ☆54Updated this week
• purpleteam-labs / purpleteam
  CLI component of OWASP PurpleTeam
  ☆131Updated last year
• usnistgov / swid-tools
  ☆15Updated last week
• cytix-software / AppSec-Detection-Framework
  A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit…
  ☆32Updated last week
• OWASP-Benchmark / BenchmarkUtils
  OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.
  ☆18Updated 2 weeks ago