Alternatives and similar repositories for semgrep-vscode

Users that are interested in semgrep-vscode are comparing it to the libraries listed below

• semgrep / semgrep-docs
  Documentation of Semgrep: a fast, open-source, static analysis tool.
  ☆40Updated this week
• semgrep / semgrep-action
  This project is deprecated. Use https://github.com/returntocorp/semgrep instead
  ☆73Updated last year
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆81Updated 9 months ago
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆109Updated 4 months ago
• microsoft / sarif-python-om
  Python classes for the SARIF object model
  ☆43Updated last year
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 5 months ago
• LLNL / Surfactant
  Modular framework for file information extraction and dependency analysis to generate accurate SBOMs
  ☆28Updated this week
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆114Updated 3 weeks ago
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆18Updated 7 months ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆79Updated 5 months ago
• ligurio / semgrep-rules
  semgrep rules for flakiness, missed error handling, Lua antipatterns and pitfalls.
  ☆14Updated 6 months ago
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆23Updated last week
• KaanSK / go-epss
  A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).
  ☆28Updated 2 months ago
• semgrep / mcp
  A MCP server for using Semgrep to scan code for security vulnerabilities.
  ☆148Updated last week
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆71Updated last year
• hmrc / security-git-hooks
  ☆18Updated last year
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago
• picatz / randomua
  A command-line application to generate random user agent strings.
  ☆17Updated 5 years ago
• usnistgov / swid-tools
  ☆13Updated last week
• kondukto-io / semgrep-rules
  Custom semgrep rules registry
  ☆12Updated 2 years ago
• trailofbits / testing-handbook
  Trail of Bits Testing Handbook
  ☆72Updated last month
• praetorian-inc / konstellation
  Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.
  ☆21Updated last year
• trailofbits / vscode-sarif-explorer
  SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results
  ☆23Updated last month
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆118Updated last year
• jtmelton / semgrep-idea-plugin
  ☆17Updated last year
• microsoft / sarif-web-component
  A React-based component for viewing SARIF files.
  ☆94Updated 6 months ago
• ShiftLeftSecurity / scan-docs
  ☆28Updated 2 years ago
• ScottNorberg-NCG / CodeSheriff.NET
  ☆16Updated 11 months ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated 2 months ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆114Updated last week