#semgrep

clientside-js

Vasilii Ermilov

Most common clientside JavaScript XSS vulnerabilities

react

React security rules.

minusworld.express-xss

r2c

Cross-site scripting (XSS) secure defaults for Express.js

colleend.insecure-transport-nodejs

r2c

Rule pack for detecting insecure transport in node js

minusworld.go-std-xss

r2c

Secure defaults for XSS in Go.

r2c-best-practices

A collection of opinionated rules for best practices in popular languages. Recommended for users who want really strict coding standards.

minusworld.ruby-on-rails-xss

r2c

Secure defaults for XSS prevention for Ruby on Rails

minusworld.omni-xss

r2c

Secure defaults for XSS prevention

r2c-bug-scan

Find common bugs, errors, and logic issues in popular languages.

insecure-transport

Colleen Dai

Ensure your code communicates over encrypted channels instead of plaintext.

dockerfile

Selected rules from Hadolint, a Dockerfile linter, rewritten in Semgrep.

minusworld.java-httpservlet-jsp-xss

r2c

Secure XSS defaults for HttpServlets+JSP.

colleend.insecure-transport-javaspring

r2c

Rule pack for detecting insecure transport in java spring.

colleend.insecure-transport-javastdlib

r2c

Rule pack for detecting insecure transport in java stdlib.

nginx

Grayson Hardaway

Security checks for nginx configuration files.

r2c

Secure defaults for XSS prevention in Django

r2c

Rule pack for detecting insecure transport in node js

docker

Selected rules from Hadolint, a Dockerfile linter, rewritten in Semgrep.

docker-compose

Security checks for docker-compose configuration files.

kubernetes

Security checks for kubernetes configuration files.

semgrep-rule-lints

Rules for linting Semgrep rule YAML files for errors or performance problems

Brakeman ruleset curated by Semgrep.

r2c

Omni pack for insecure transport rules

r2c

Rule pack for detecting insecure transport in java spring.

electron desktop app

Vasilii Ermilov

Secure defaults for Command injection prevention

Vasilii Ermilov

Insecure usage of most popular headless browser APIs

r2c

Ruleset by r2c

Colleen Dai

Ensure your code communicates over encrypted channels instead of plaintext.

Vasilii Ermilov

Secure defaults for Command injection prevention

Vasilii Ermilov

Secure defaults for Command injection prevention

Colleen Dai

SQL injection guardrails. Checks for non-constant SQL queries and other SQLi.

PHP Laravel framework ruleset by Semgrep

Play framework ruleset by Semgrep

Vasilii Ermilov

Secure defaults for Command injection prevention

React rules which contain best practices and general code-smells, should not be run in CI/CD.

React rules available to team tier customers, this rule-pack would be the most recommended due to higher accuracy of sources.

Rulset for reverse shells, by Kurt Boberg

Vasilii Ermilov

Secure defaults for Command injection prevention

Secure defaults for XSS prevention for Ruby on Rails

Collection of rules preventing semgrep misconfigurations

Rule pack for detecting insecure transport in java spring.

Wordpress audit ruleset, ported from WPScan