Alternatives and similar repositories for semgrep-vscode

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆42Updated this week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆119Updated this week
• oasis-tcs / sarif-spec
  OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues
  ☆187Updated this week
• RedHatProductSecurity / cvelib
  A Python library and command line interface for CVE Services.
  ☆68Updated this week
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆124Updated last week
• JosephTLucas / lintML
  A security-first linter for code that shouldn't need linting
  ☆16Updated last year
• google / plusfish
  Plusfish is a classic web application vulnerability scanner/fuzzer and aimed at security professionals
  ☆29Updated 2 years ago
• ShiftLeftSecurity / scan-docs
  ☆27Updated 2 years ago
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆115Updated 3 weeks ago
• trailofbits / deptective
  Deptective automatically determines the native dependencies required to run any arbitrary program or command.
  ☆113Updated last week
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆39Updated 3 years ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆95Updated last year
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 2 months ago
• oxsecurity / codetotal
  Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code securi…
  ☆78Updated 11 months ago
• DefectDojo / godojo
  Golang installer for DefectDojo
  ☆28Updated 6 months ago
• usnistgov / swid-tools
  ☆13Updated this week
• picatz / randomua
  A command-line application to generate random user agent strings.
  ☆17Updated 5 years ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆79Updated 8 months ago
• Vulnogram / Vulnogram
  Vulnogram is a tool for creating and editing CVE information in CVE JSON format
  ☆197Updated 3 months ago
• cve-search / CveXplore
  CveXplore
  ☆42Updated 2 weeks ago
• fabric8-analytics / cvedb
  CVE database
  ☆21Updated 4 years ago
• apiiro / combobulator
  Dependency Combobulator
  ☆93Updated last year
• Checkmarx / chainjacking
  Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
  ☆59Updated 3 years ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆87Updated last year
• google / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆137Updated last year
• setu1421 / SecretBench
  SecretBench is a dataset consisting of different secret types collected from public open-source repositories.
  ☆38Updated last year
• Samsung / CredSweeper
  CredSweeper is a tool to detect credentials in any directories or files. CredSweeper could help users to detect unwanted exposure of cred…
  ☆131Updated last week
• LLNL / Surfactant
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆33Updated this week
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆40Updated 8 months ago