A collection of Semgrep rules which followed security guidelines for .NET and Java.
☆24Oct 4, 2021Updated 4 years ago
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- My custom semgrep rules☆23Sep 13, 2020Updated 5 years ago
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 11 months ago
- ☆233Apr 24, 2026Updated 2 weeks ago
- ☆19Feb 3, 2026Updated 3 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A collection of permissively licensed Semgrep rules.☆22Jul 5, 2024Updated last year
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h…☆81Feb 27, 2025Updated last year
- A collection of my Semgrep rules☆51Jul 4, 2023Updated 2 years ago
- Semgrep rules specific to Frappe Framework☆59Mar 18, 2026Updated last month
- ☆18Dec 20, 2025Updated 4 months ago
- ☆17Jan 6, 2025Updated last year
- ☆26Dec 31, 2025Updated 4 months ago
- Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests☆13Sep 24, 2015Updated 10 years ago
- Collection of rules for Static Application Security Testing (SAST) with Semgrep☆12Apr 16, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A lightweight, extensible cybersecurity toolkit that connects AI assistants to security tools through the Model Context Protocol (MCP), e…☆13Jun 13, 2025Updated 10 months ago
- Curated Collection of Popular Community Rules for Semgrep☆18Dec 27, 2023Updated 2 years ago
- An ultra lightweight web screenshot tool with advanced DOM analysis features.☆43Apr 1, 2026Updated last month
- Low Noise Semgrep Security Rules☆23Feb 6, 2025Updated last year
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 4 years ago
- A collection of my Semgrep rules to facilitate vulnerability research.☆812Apr 12, 2026Updated 3 weeks ago
- Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 iss…☆83Jun 11, 2025Updated 10 months ago
- SALSA 💃⚡ - SALesforce Scanner for Aura (and beyond). Enumeration of vulnerabilities and misconfigurations against Salesforce endpoint.☆29Jan 26, 2025Updated last year
- Runtime enforcement of software supply chain capabilities in Go☆19Nov 12, 2025Updated 5 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Semgrep queries developed by Trail of Bits.☆502Nov 12, 2025Updated 5 months ago
- jgstew's personal pages☆12Dec 15, 2025Updated 4 months ago
- Ricerca che mostra come scrivere regole per SemGrep per cercare SQL Injection nei plugin di Wordpress che usano action AJAX☆19Jul 22, 2023Updated 2 years ago
- An efficient domain name availability bulk checker that looks for the presence of DNS Records before querying the Whois Server to save on…☆35Oct 26, 2010Updated 15 years ago
- nmapParser.py is a tool developed for consultants doing nmap scans against a large range of hosts. I found it easy to identify hosts that…☆13Jan 19, 2016Updated 10 years ago
- ☆51Jan 20, 2022Updated 4 years ago
- 之前做系统,要对接AWVS11,写了一个可以python3的调用文档,感兴趣的可以看看☆11Dec 6, 2017Updated 8 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,147Updated this week
- Swagger with Conventional Routing support☆11Dec 8, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Offensive Web is a documentation website about web security research, bypass and new exploitation techniques.☆34Feb 14, 2026Updated 2 months ago
- A public project which includes all test cases for fireline.☆16Jun 1, 2017Updated 8 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Feb 21, 2017Updated 9 years ago
- wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).☆33Jan 22, 2026Updated 3 months ago
- This is a proof-of-concept of malicious software running inside of ModSecurity WAF.☆34Jul 24, 2025Updated 9 months ago
- Network scanner☆46Apr 2, 2026Updated last month
- Datasette plugin for outputting tables in formats suitable for copy and paste☆16Feb 17, 2024Updated 2 years ago