Alternatives and similar repositories for semgrep-rules

Users that are interested in semgrep-rules are comparing it to the libraries listed below

• federicodotta / semgrep-rules
  A collection of my Semgrep rules
  ☆51Updated 2 years ago
• iosifache / semgrep-rules-manager
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆97Updated 3 weeks ago
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆89Updated 7 months ago
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆106Updated 11 months ago
• elttam / semgrep-rules
  ☆223Updated last month
• dillonfranke / protoburp
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆35Updated 10 months ago
• doyensec / Unsafe-Unpacking
  Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide
  ☆42Updated last year
• SonarSource / argument-injection-vectors
  A curated list of argument injection vectors
  ☆41Updated 11 months ago
• Outpost24 / outpost24-cors-check
  Additional active scan checks for BURP
  ☆28Updated last year
• neex / ghostinthepdf
  ☆170Updated 4 years ago
• albinowax / albinowaxUtils
  ☆16Updated last month
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated 10 months ago
• defparam / haptyc
  ☆95Updated 4 years ago
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆51Updated 3 years ago
• t0xodile / the-single-packet-shovel
  ☆21Updated 4 months ago
• MrTuxracer / advisories
  Security Advisories
  ☆35Updated 2 months ago
• nccgroup / cq
  ☆116Updated 2 years ago
• yacwagh / FAAST
  Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents
  ☆67Updated 8 months ago
• C0DEbrained / Burp-Montoya-Utilities
  A collection of utilities for building extensions using Burp's Montoya API
  ☆52Updated 2 months ago
• redrays-io / WS_RaceCondition_PoC
  Simple PoC for demonstrating Race Conditions on Websockets
  ☆55Updated 2 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 4 years ago
• hackvertor / shadow-repeater
  ☆42Updated 2 months ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆82Updated 3 years ago
• dsecuredcom / yataf
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Updated last year
• cybervelia / graphicator
  A GraphQL enumeration and extraction tool
  ☆134Updated 2 years ago
• intruder-io / rebind-server
  A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers
  ☆16Updated 2 years ago
• synacktiv / DepFuzzer
  ☆94Updated last month
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆32Updated 3 years ago
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆157Updated 5 months ago
• pentagridsec / archive_pwn
  A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes
  ☆43Updated last month