Alternatives and similar repositories for semgrep-rules:

Users that are interested in semgrep-rules are comparing it to the libraries listed below

• federicodotta / semgrep-rules
  A collection of my Semgrep rules
  ☆48Updated last year
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆88Updated last year
• gagliardetto / codebox
  Generate CodeQL taint-tracking models for Go (along with tests) in a graphical UI
  ☆20Updated last year
• Leoid / Burp2Slack
  Push notifications to Slack channel or to custom server based on BurpSuite response conditions.
  ☆17Updated 4 years ago
• tuannq2299 / semgrep-rules
  A collection of Semgrep rules which followed security guidelines for .NET and Java.
  ☆17Updated 3 years ago
• minight / h2csmuggler
  ☆28Updated 4 years ago
• mattiasgrenfeldt / bachelors-thesis-http-request-smuggling
  ☆69Updated 3 years ago
• janmasarik / bugshop
  ☆44Updated 4 years ago
• CoreyD97 / BurpExtenderUtilities
  A collection of utilities to simplify the creation of Burp Suite plugins
  ☆22Updated last year
• jimen0 / differer
  differer finds how URLs are parsed by different languages in order to help bug hunters break filters
  ☆63Updated 4 years ago
• N0MoreSecr3ts / wraith-signatures
  Signatures for wraith used to detect secrets across various sources
  ☆15Updated 2 years ago
• pelaohxc / postMessageFinder
  ☆36Updated 4 years ago
• parsiya / eslinter
  Manual JavaScript Linting is a Bug
  ☆49Updated 3 years ago
• PortSwigger / taborator
  A Burp extension to show the Collaborator client in a tab
  ☆36Updated 2 years ago
• PortSwigger / nginx-alias-traversal
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆52Updated 3 years ago
• silentsignal / burp-uuid
  UUID issues for Burp Suite
  ☆51Updated 2 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 3 years ago
• 0x3c3e / recloud
  Find orphaned IP's on cloud services
  ☆29Updated 5 years ago
• dillonfranke / protoburp
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆31Updated last year
• sw33tLie / ugly-scripts
  A collection of scripts for bug-bounty related stuff
  ☆38Updated 4 years ago
• defparam / haptyc
  ☆94Updated 3 years ago
• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆61Updated 4 years ago
• minamo7sen / burp-JS-Miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆54Updated last year
• gocaio / sct
  Security checks for http headers and cookies
  ☆24Updated 3 years ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated last month
• Cache-Money / chronorace
  ☆70Updated 3 years ago
• intruder-io / rebind-server
  A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers
  ☆11Updated last year
• choirurrizal / paraminer
  finds hidden parameters
  ☆23Updated last year
• peterjson31337 / tetctf2021
  tetctf2020_amf_writeups
  ☆23Updated 4 years ago
• mlr0p / CVE-2021-33564
  Argument Injection in Dragonfly Ruby Gem
  ☆16Updated 3 years ago