Semgrep

Static analysis at ludicrous speed.

Pricing: Free

What is Semgrep?

Semgrep is a highly configurable SAST tool that looks for recurring patterns in the syntax tree. It can either run locally using Docker or be integrated into the CI/CD pipeline with GitHub Actions.

Results are delivered as JSON files, so you can pipe them into other tools, such as jq, to manipulate them.

More tools in Security Testing

Terrascan

Security Testing

Static code analyzer for Infrastructure as Code

Free

gitleaks

Security Testing

Scan git repos (or files) for secrets using regex and entropy 🔑

Free

Deepfence ThreatMapper

Security Testing

Identify vulnerabilities in running containers, images, hosts and repositories

Free