489 Open source projects that are alternatives of or similar to Semgrep
Sonar Dotnet
Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html
Stars: ✭ 466 (-91.78%)
pahout
A pair programming partner for writing better PHP. Pahout means PHP mahout 🐘
Stars: ✭ 43 (-99.24%)
averroes
Java bytecode generator for sound and precise partial program analysis
Stars: ✭ 19 (-99.66%)
mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
Stars: ✭ 148 (-97.39%)
pyc2bytecode
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (-98.76%)
sonar-esql-plugin
Sonar plugin to analyze ESQL-sourcecode of IBM Integration Bus projects
Stars: ✭ 26 (-99.54%)
pyan
Static call graph generator. The official Python 3 version. Development repo.
Stars: ✭ 186 (-96.72%)
Horusec
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (-94.51%)
freshli-lib
A tool for collecting historical metrics about a project's dependencies
Stars: ✭ 12 (-99.79%)
Debt-Manager
A personal app to store people that owe you money or you owe money to. "Mo Money Mo Problems" 🎵 - The Notorious B.I.G. 😎
Stars: ✭ 22 (-99.61%)
cppcheck-configs
Configuration files that allow cppcheck to provide better static analysis results
Stars: ✭ 15 (-99.74%)
SixtyPical
A 6502-oriented low-level programming language supporting advanced static analysis
Stars: ✭ 25 (-99.56%)
maloss
Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
Stars: ✭ 46 (-99.19%)
JAW
JAW: A Graph-based Security Analysis Framework for JavaScript and Client-side CSRF
Stars: ✭ 26 (-99.54%)
LibPecker
an obfuscation-resilient, highly precise and reliable library detector for Android applications
Stars: ✭ 38 (-99.33%)
Rascal
The implementation of the Rascal meta-programming language (including interpreter, type checker, parser generator, compiler and JVM based run-time system)
Stars: ✭ 284 (-94.99%)
Android-CICD
This repo demonstrates how to work on CI/CD for Mobile Apps 📱 using Github Actions 💊 + Firebase Distribution 🎉
Stars: ✭ 37 (-99.35%)
alpine-shellcheck
Docker image for Alpine Linux with latest ShellCheck, a static analysis tool for shell scripts.
Stars: ✭ 12 (-99.79%)
SqlServer.Rules
SQL Server static code analysis rules for SSDT database projects
Stars: ✭ 20 (-99.65%)
detekt-hint
Detection of design principle violations in Kotlin as a plugin to detekt.
Stars: ✭ 63 (-98.89%)
bridgecrew-action
This Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.
Stars: ✭ 52 (-99.08%)
Cleancppproject
Clean C++ project for you to use. Features: Modern CMake, CPack, Doxygen, PlantUML, Catch Unit testing, static analysis
Stars: ✭ 276 (-95.13%)
vim-mypy
Vim plugin for executing Python's optional static type checker MyPy (http://mypy-lang.org/)
Stars: ✭ 89 (-98.43%)
mobileAudit
Django application that performs SAST and Malware Analysis for Android APKs
Stars: ✭ 140 (-97.53%)
Clangkit
ClangKit provides an Objective-C frontend to LibClang. Source tokenization, diagnostics and fix-its are actually implemented.
Stars: ✭ 330 (-94.18%)
61-120 of 489 similar projects