Alternatives and similar repositories for semgrep-vscode

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆74Updated last year
• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆48Updated this week
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…
  ☆135Updated last week
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆132Updated this week
• iosifache / semgrep-rules-manager
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆98Updated last month
• fabric8-analytics / cvedb
  CVE database
  ☆21Updated 5 years ago
• AppThreat / atom
  atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
  ☆84Updated last week
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆42Updated last year
• Checkmarx / chainjacking
  Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
  ☆61Updated 3 years ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 3 months ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆123Updated 2 years ago
• Vulnogram / Vulnogram
  Vulnogram is the tool for reserving, managing, and publishing CVEs. Get started at vulnogram.org or deploy Docker edition for full enterp…
  ☆214Updated 3 weeks ago
• DefectDojo / godojo
  Golang installer for DefectDojo
  ☆29Updated last year
• nccgroup / ccs
  ☆114Updated 2 years ago
• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆226Updated last year
• trailofbits / deptective
  Deptective automatically determines the native dependencies required to run any arbitrary program or command.
  ☆127Updated last month
• pry0cc / jf
  A wrapper around jq, to help you parse jq output!
  ☆30Updated 5 years ago
• trailofbits / testing-handbook
  Trail of Bits Testing Handbook - appsec.guide
  ☆92Updated this week
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆140Updated 5 months ago
• JLLeitschuh / bulk-security-pr-generator
  Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.
  ☆36Updated 8 months ago
• llnl / Surfactant
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆39Updated this week
• microsoft / sarif-web-component
  A React-based component for viewing SARIF files.
  ☆103Updated last year
• trailofbits / vendetect
  A tool to automatically detect copy+pasted and vendored code between repositories
  ☆74Updated this week
• tstromberg / supplychain-attack-data
  Data about all known supply-chain attacks through history
  ☆63Updated 8 months ago
• jtmelton / semgrep-idea-plugin
  ☆16Updated 2 years ago
• JosephTLucas / lintML
  A security-first linter for code that shouldn't need linting
  ☆17Updated 2 years ago
• wiz-sec-public / SITF
  A comprehensive framework for analyzing and defending against attacks targeting Software Development Life Cycle Infrastructure.
  ☆97Updated this week
• projectdiscovery / naabu-action
  A fast port scanner written in go with a focus on reliability and simplicity.
  ☆21Updated last year
• lightspin-tech / red-bucket-gcp
  ☆10Updated 3 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆68Updated 7 months ago