semgrep
Code analyzer
A tool for detecting bugs and enforcing coding standards in source code across multiple programming languages.
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
11k stars
104 watching
631 forks
Language: OCaml
last commit: about 1 month ago cgojavajavascriptpythonr2crubysastsemgrepstatic-analysisstatic-code-analysistypescript
Related projects:
| Repository | Description | Stars |
|---|---|---|
 csvl/sema | Analyzes malware by extracting and comparing system call dependencies to classify and detect malicious behavior | 101 |
 insidersec/insider | A tool that analyzes source code to identify security vulnerabilities and provides reporting on compliance with the OWASP Top 10 | 519 |
 flatt-security/shisho | A tool that analyzes code for security vulnerabilities and provides feedback to developers | 369 |
 zupit/horusec | Identifies security flaws in software projects through static code analysis | 1,154 |
 decurity/semgrep-smart-contracts | Provides a set of security and performance rules for smart contract code. | 643 |
 jfmengels/elm-review | A tool to help identify and fix common mistakes in Elm projects through static code analysis | 261 |
 wireghoul/graudit | A tool to identify potential security flaws in source code using static analysis and regular expressions. | 1,548 |
 tcosolutions/betterscan | A toolchain that scans source code and infrastructure IaC for security risks and provides a unified report. | 831 |
 swisskyrepo/vulny-code-static-analysis | A script to detect vulnerabilities in PHP source code using static analysis and regular expressions. | 397 |
 secdec/attack-surface-detector-burp | Identifies web app endpoints and parameters to help detect vulnerabilities | 98 |
 sonarsource/sonar-java | Analyzes Java code quality and security issues to help developers write cleaner code | 1,144 |
 naivesystems/analyze | Automates code security and compliance analysis for C++ projects. | 177 |
 exakat/php-static-analysis-tools | A curated collection of tools to identify and address issues in PHP code | 2,826 |
 scapegoat-scala/scapegoat | A tool for static code analysis that flags suspicious language usage in Scala code | 533 |
 security-code-scan/security-code-scan | Detects vulnerabilities in C# and VB.NET code | 942 |