trailofbits/semgrep-rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

trailofbits/semgrep-rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/trailofbits/semgrep-rules)

Close

trailofbits / semgrep-rulesView on GitHubMore

• External links
• Readme badge

Semgrep queries developed by Trail of Bits.

☆508May 7, 2026Updated 2 weeks ago

Alternatives and similar repositories for semgrep-rules

Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• elttam / semgrep-rules

  View on GitHub
  ☆232Apr 24, 2026Updated 3 weeks ago
• 0xdea / semgrep-rules

  View on GitHub
  A collection of my Semgrep rules to facilitate vulnerability research.
  ☆813Apr 12, 2026Updated last month
• semgrep / semgrep-rules

  View on GitHub
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆1,161Updated this week
• trailofbits / codeql-queries

  View on GitHub
  CodeQL queries developed by Trail of Bits
  ☆160May 14, 2026Updated last week
• s0rcy / semgrep-rules

  View on GitHub
  Collection of Semgrep rules for security analysis
  ☆10Mar 30, 2024Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• federicodotta / semgrep-rules

  View on GitHub
  A collection of my Semgrep rules
  ☆51Jul 4, 2023Updated 2 years ago
• vmnguyen / semgrep-rules

  View on GitHub
  My custom semgrep rules
  ☆23Sep 13, 2020Updated 5 years ago
• iosifache / semgrep-rules-manager

  View on GitHub
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆110Dec 24, 2025Updated 4 months ago
• dgryski / semgrep-go

  View on GitHub
  Go rules for semgrep and go-ruleguard
  ☆478Nov 17, 2024Updated last year
• kondukto-io / semgrep-rules

  View on GitHub
  Custom semgrep rules registry
  ☆14Aug 23, 2022Updated 3 years ago
• mindedsecurity / semgrep-rules-android-security

  View on GitHub
  A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
  ☆328Nov 12, 2025Updated 6 months ago
• trailofbits / vscode-sarif-explorer

  View on GitHub
  SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results
  ☆50May 9, 2026Updated last week
• apiiro / malicious-code-ruleset

  View on GitHub
  Focused malicious code detection ruleset, with a high protection-to-noise ratio
  ☆146Feb 24, 2025Updated last year
• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆41Oct 3, 2023Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• doyensec / Unsafe-Unpacking

  View on GitHub
  Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
  ☆43Dec 16, 2024Updated last year
• semgrep / semgrep

  View on GitHub
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆15,135May 14, 2026Updated last week
• trailofbits / necessist

  View on GitHub
  A mutation-based tool for finding bugs in tests
  ☆140Updated this week
• trailofbits / publications

  View on GitHub
  Publications from Trail of Bits
  ☆1,836Updated this week
• Decurity / semgrep-smart-contracts

  View on GitHub
  Semgrep rules for smart contracts based on DeFi exploits
  ☆712Jun 2, 2025Updated 11 months ago
• nodyhub / zipslipper

  View on GitHub
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Sep 20, 2024Updated last year
• tuannq2299 / semgrep-rules

  View on GitHub
  A collection of Semgrep rules which followed security guidelines for .NET and Java.
  ☆24Oct 4, 2021Updated 4 years ago
• interruptlabs / semgrep_bn

  View on GitHub
  Binary Ninja plugin to automate the process of generating pseudo-C code, running Semgrep over the pseudo-C, and presenting the results.
  ☆36Feb 4, 2025Updated last year
• akabe1 / akabe1-semgrep-rules

  View on GitHub
  My collection of Semgrep rules for vulnerability detection on source code (swift, java, cobol)
  ☆43Dec 3, 2025Updated 5 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• trailofbits / fickling

  View on GitHub
  A Python pickling decompiler and static analyzer
  ☆629Updated this week
• trailofbits / test-fuzz

  View on GitHub
  To make fuzzing Rust easy
  ☆204May 14, 2026Updated last week
• synopsys-sig / tslint-angular-security

  View on GitHub
  TSLint rules for Angular
  ☆18Nov 30, 2018Updated 7 years ago
• jlauinger / go-geiger

  View on GitHub
  Static code analysis tool to find unsafe usages in Go packages and their dependencies
  ☆44Sep 11, 2020Updated 5 years ago
• trailofbits / it-depends

  View on GitHub
  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…
  ☆393Updated this week
• DataDog / guarddog

  View on GitHub
  GuardDog is a CLI tool to Identify malicious PyPI and npm packages
  ☆1,088Updated this week
• semgrep-old / rules-owasp-asvs

  View on GitHub
  Semgrep rules corresponding to the OWASP ASVS standard
  ☆27Nov 2, 2020Updated 5 years ago
• Permiso-io-tools / bucket-shield

  View on GitHub
  ☆14Jan 8, 2026Updated 4 months ago
• trailofbits / go-fuzz-utils

  View on GitHub
  ☆21Mar 23, 2026Updated last month
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• weggli-rs / weggli

  View on GitHub
  weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…
  ☆2,484Jul 12, 2024Updated last year
• owasp-noir / noir

  View on GitHub
  Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.
  ☆1,194Updated this week
• synacktiv / nord-stream

  View on GitHub
  Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …
  ☆358Apr 21, 2026Updated last month
• jdyke / gcp-iam-analyzer

  View on GitHub
  Compares and analyzes GCP IAM roles.
  ☆79Mar 9, 2025Updated last year
• google / containerdbg

  View on GitHub
  ☆73May 13, 2025Updated last year
• google / localtoast

  View on GitHub
  ☆116Feb 11, 2026Updated 3 months ago
• bilals12 / clusterfuck

  View on GitHub
  ☆42Nov 13, 2025Updated 6 months ago