Semgrep

Lightweight static analysis for finding bugs

⭐ 4.6/5 (3200 reviews)

About Semgrep

Semgrep is a fast, open-source static analysis tool for finding bugs, detecting vulnerabilities, and enforcing code standards across many languages.

Key Features

  • Lightweight SAST scanning
  • 2,000+ community rules
  • Custom rule authoring
  • CI/CD integration
  • Multiple language support
  • Secrets detection

✅ Pros

  • Fast and lightweight
  • Easy custom rules
  • Free open-source core
  • Great developer experience

❌ Cons

  • Fewer rules than commercial SAST
  • Limited DAST capabilities
  • Enterprise features require a paid plan