A collection of Semgrep rules which followed security guidelines for .NET and Java.
☆24Oct 4, 2021Updated 4 years ago
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 10 months ago
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20…☆36Feb 27, 2025Updated last year
- ☆229Dec 18, 2025Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h…☆76Feb 27, 2025Updated last year
- A collection of my Semgrep rules☆51Jul 4, 2023Updated 2 years ago
- My collection of Semgrep rules for vulnerability detection on source code (swift, java, cobol)☆43Dec 3, 2025Updated 3 months ago
- ☆18Dec 20, 2025Updated 3 months ago
- Bug Bounty tool to automate the recon process.☆12Oct 4, 2023Updated 2 years ago
- Pre-compiled builds for CVE-2021-4034☆27Mar 30, 2022Updated 3 years ago
- Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests☆13Sep 24, 2015Updated 10 years ago
- Collection of rules for Static Application Security Testing (SAST) with Semgrep☆12Apr 16, 2025Updated 11 months ago
- Curated Collection of Popular Community Rules for Semgrep☆18Dec 27, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- An ultra lightweight web screenshot tool with advanced DOM analysis features.☆41Dec 2, 2025Updated 3 months ago
- Low Noise Semgrep Security Rules☆23Feb 6, 2025Updated last year
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 3 years ago
- A collection of my Semgrep rules to facilitate vulnerability research.☆804Updated this week
- Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 iss…☆83Jun 11, 2025Updated 9 months ago
- SALSA 💃⚡ - SALesforce Scanner for Aura (and beyond). Enumeration of vulnerabilities and misconfigurations against Salesforce endpoint.☆29Jan 26, 2025Updated last year
- Runtime enforcement of software supply chain capabilities in Go☆19Nov 12, 2025Updated 4 months ago
- Semgrep queries developed by Trail of Bits.☆486Nov 12, 2025Updated 4 months ago
- ARCore sample project that visualizes the human heart on a marker and allows to freely place and transform nerve cells.☆13Jul 20, 2020Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- nmapParser.py is a tool developed for consultants doing nmap scans against a large range of hosts. I found it easy to identify hosts that…☆13Jan 19, 2016Updated 10 years ago
- Applied Static Analysis☆11Aug 26, 2019Updated 6 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,110Updated this week
- ☆13Apr 23, 2025Updated 11 months ago
- Swagger with Conventional Routing support☆11Dec 8, 2022Updated 3 years ago
- Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command☆17Mar 31, 2020Updated 5 years ago
- NMAP NSE script that scans for http(s) server, takes a screenshot of them, and organizes the results into an HTML report.☆27Sep 20, 2014Updated 11 years ago
- JAVA Vul Code JAVA常见漏洞与防御代码示例☆10Sep 18, 2018Updated 7 years ago
- Building Truly Portable eBPF Programs☆21Apr 26, 2025Updated 11 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A curated list of audit rules which extract from Source Code Auditing tools.☆15Feb 19, 2020Updated 6 years ago
- Offensive Web is a documentation website about web security research, bypass and new exploitation techniques.☆33Feb 14, 2026Updated last month
- OWASP Juice Shop: Probably the most modern and sophisticated insecure web application☆23Nov 22, 2019Updated 6 years ago
- A public project which includes all test cases for fireline.☆16Jun 1, 2017Updated 8 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Feb 21, 2017Updated 9 years ago
- wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).☆33Jan 22, 2026Updated 2 months ago
- This is a proof-of-concept of malicious software running inside of ModSecurity WAF.☆34Jul 24, 2025Updated 8 months ago