#Semgrep
Showing 14 of 14 repositories tagged #semgrep, ranked by stars
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
Define and run pattern-based custom linting rules.
Semgrep rules for smart contracts based on DeFi exploits
Find zero-days while you sleep. DeepZero is an automated vulnerability research framework that parses, decompiles, and analyzes thousands of Windows kernel drivers for exploitable IOCTLs natively using AI agents.
VULNRฮPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/DOCX, attachments, automatic changelog, stats, vulnerability management, bugbounty, local ai/llm, super fast pentest reporting!
A blazingly fast security scanner, written in Rust. Batteries included, TUI for triage, secrets, post-quantum audits, diff-aware scans and more ๐ฅ
Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of high-quality security rules without manual curation.
GitHub Actions CI/CD - Master Template & Reusable Workflows Library - Docker Builds, AWS, Python, Terraform, Jenkins, Linting, Security Scanning, Make Builds etc.
Semgrep extension for Visual Studio Code
๐ Visualize and explore IaC โ๏ธ Create and share notes in VS Code ๐ค Sync notes and findings in real-time with friends
AI-powered SAST scanner that finds auth bypass, IDOR, and logic bugs Semgrep/CodeQL miss. Free GitHub Action. Supports Python, JS/TS, Go, PHP, Ruby.
Curation of DevSecOps tools that all work together inside the minimum amount of containers. Just run make exec and read the How To!
CVE hunting harness for Claude Code - 20 skills, 5-agent team, systematic vulnerability research with false positive elimination