My custom semgrep rules
☆23Sep 13, 2020Updated 5 years ago
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Custom semgrep rules registry☆14Aug 23, 2022Updated 3 years ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆24Oct 4, 2021Updated 4 years ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Oct 3, 2023Updated 2 years ago
- ☆229Dec 18, 2025Updated 3 months ago
- Java安全相关,目前主要是CC链研究☆10Sep 1, 2022Updated 3 years ago
- Java ☕ reverse engineering tool - Batch decompile the jar package.☆11Feb 14, 2023Updated 3 years ago
- Easy fuzzing with go-fuzz☆14Apr 10, 2020Updated 5 years ago
- ☆10Jul 21, 2022Updated 3 years ago
- semgrep rules for flakiness, missed error handling, Lua antipatterns and pitfalls.☆18Nov 1, 2024Updated last year
- CVE-2022-22965 - CVE-2010-1622 redux☆19Apr 18, 2023Updated 2 years ago
- javaGGC for generate commons.collections gadget chain☆12Nov 10, 2021Updated 4 years ago
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago
- Semgrep queries developed by Trail of Bits.☆486Nov 12, 2025Updated 4 months ago
- CVE-2023-52251 There is a Remote Code Execution vulnerability provectus/kafka-ui.☆20Jan 23, 2024Updated 2 years ago
- Nessus Cheat Sheet in HTML, PDF, PNG, ADOC☆12Apr 10, 2022Updated 3 years ago
- A collection of scripts based on libclang for extracting API information from interpreters☆25Jul 10, 2012Updated 13 years ago
- Semgrep rules specific to Frappe Framework☆56Mar 18, 2026Updated last week
- ☆14Sep 30, 2020Updated 5 years ago
- A POC for better exception reporting for futures☆12Aug 20, 2014Updated 11 years ago
- Go rules for semgrep and go-ruleguard☆479Nov 17, 2024Updated last year
- Semgrep rules corresponding to the OWASP ASVS standard☆27Nov 2, 2020Updated 5 years ago
- Static analysis tool to Identify and Fix GitHub Actions prone to Supply‑Chain Risks☆14Dec 24, 2025Updated 3 months ago
- Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests☆13Sep 24, 2015Updated 10 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Jan 30, 2017Updated 9 years ago
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- A presentation by Aaron Goldsmith☆10Mar 17, 2026Updated last week
- CLI tool for filtering URLs/IPs with automatically-updated Bug Bounty program scope rules.☆35Dec 31, 2025Updated 2 months ago
- /slash is an open-source, mobile-first GitHub assistant powered by AI. Browse repos, review code, write or edit files with AI, and push c…☆20Aug 20, 2025Updated 7 months ago
- a Ruby implementation of Java's ObjectInputStream and ObjectOutputStream.☆16May 28, 2022Updated 3 years ago
- Semgrep rules to identify GWT attack surface☆12Apr 28, 2022Updated 3 years ago
- Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations☆85Updated this week
- CLI AI assistant doing your code reviews☆12Mar 18, 2026Updated last week
- Common Play Json implicits and helper methods☆15Aug 14, 2023Updated 2 years ago
- Runtime enforcement of software supply chain capabilities in Go☆19Nov 12, 2025Updated 4 months ago
- 一个基于 Vineflower 引擎的多线程 Java 批量反编译工具,支持快速处理大量的 class 文件和 JAR 文件。☆58Apr 28, 2025Updated 10 months ago
- Automate common code review chores with http://danger.systems.☆15Dec 18, 2025Updated 3 months ago
- I DOC VIEW RCE 的poc☆13Nov 23, 2023Updated 2 years ago
- ARCore sample project that visualizes the human heart on a marker and allows to freely place and transform nerve cells.☆13Jul 20, 2020Updated 5 years ago
- Start Linux programs with only selected syscalls enabled (libseccomp-based)☆24Jan 23, 2017Updated 9 years ago