Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
-
Updated
Nov 15, 2024 - OCaml
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Semgrep rules registry
Define and run pattern-based custom linting rules.
A collection of my Semgrep rules to facilitate vulnerability research.
VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/DOCX report, attachments, automatic changelog, statistics, vulnerability management, bug bounty, pentest reporting !
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
Generic SAST Library
An extension to use Semgrep inside Burp Suite.
Manager of third-party sources of Semgrep rules 🗂
This project is deprecated. Use https://github.com/returntocorp/semgrep instead
🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends
Semgrep extension for Visual Studio Code
GitHub Actions CI/CD - Master Template & Reusable Workflows Library - Docker Builds, AWS, Python, Terraform, Jenkins, Linting, Security Scanning, Make Builds etc.
Semgrep rules specific to Frappe Framework
Documentation of Semgrep: a fast, open-source, static analysis tool.
🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
Add a description, image, and links to the semgrep topic page so that developers can more easily learn about it.
To associate your repository with the semgrep topic, visit your repo's landing page and select "manage topics."