Projects in Awesome Lists tagged with codeql
A curated list of projects in awesome lists tagged with codeql.
https://github.com/github/codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
codeql github-advanced-security github-security-lab semmle-ql works-with-codespaces
Last synced: 13 May 2025
https://github.com/skills/secure-code-game
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
code-scanning code-security codeql skills-course
Last synced: 14 May 2025
https://github.com/astteam/codeql
"Understanding CodeQL in Depth": Finding vulnerabilities with CodeQL.
0e0w codeql codeql-queries devsecops hackaspx hackgolang hackjava javasec learning-codeql ql sast semmle-ql
Last synced: 09 Aug 2025
https://github.com/ASTTeam/CodeQL
"Understanding CodeQL in Depth": Finding vulnerabilities with CodeQL.
0e0w codeql codeql-queries devsecops hackaspx hackgolang hackjava javasec learning-codeql ql sast semmle-ql
Last synced: 05 Apr 2025
https://github.com/github/codeql-action
Actions for running CodeQL analysis
actions advanced-security ci code-scanning codeql semmle-ql
Last synced: 11 Apr 2025
https://github.com/quasilyte/go-ruleguard
Define and run pattern-based custom linting rules.
analysis codeql dynamic-rules go go-analysis gogrep golang linter ruleguard semgrep static-analysis
Last synced: 13 May 2025
https://github.com/summersec/learning-codeql
CodeQL Java: the most comprehensive Chinese-language learning materials on the web
chinese codeql codeql-queries codeql-taint-tracking java javase learning-codeql
Last synced: 04 Apr 2025
https://github.com/SummerSec/learning-codeql
CodeQL Java: the most comprehensive Chinese-language learning materials on the web
chinese codeql codeql-queries codeql-taint-tracking java javase learning-codeql
Last synced: 04 Nov 2025
https://github.com/madneal/articles-translator
:books:Translate the distinct technical blogs. Please star or watch. Welcome to join me.
article codeql css javascript memory-management npm parcel pwa react security security-tools vue web web-security webpack
Last synced: 15 May 2025
https://github.com/github/vscode-codeql-starter
Starter workspace to use with the CodeQL extension for Visual Studio Code.
codeql vscode vscode-extension works-with-codespaces
Last synced: 15 May 2025
https://github.com/github/codeql-go
The CodeQL extractor and libraries for Go.
codeql datalog go golang program-analysis static-analysis
Last synced: 14 Jan 2026
https://github.com/github/vscode-codeql
An extension for Visual Studio Code that adds rich language support for CodeQL
codeql vscode vscode-extension works-with-codespaces
Last synced: 15 May 2025
https://github.com/l3yx/Choccy
GitHub project monitoring && CodeQL automatic analysis
codeql security static-analysis
Last synced: 04 Apr 2025
https://github.com/blacktop/darwin-xnu-build
XNU kernel, Kernel Collection and CodeQL build scripts
apple codeql darwin kernel kernelcache xnu
Last synced: 13 Apr 2025
https://github.com/hudangwei/codemillx
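codemillx is a tool for CodeQL that extracts the comments in the code and generates a CodeQL module. Strengthens security testing of Go open-source projects (includes a method for finding vulnerabilities in open-source projects)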
code-scanning codeql codeql-models
Last synced: 17 Jan 2026
https://github.com/GitHubSecurityLab/CodeQL-Community-Packs
Collection of community-driven CodeQL query, library and extension packs
Last synced: 14 May 2025
https://github.com/github/codeql-coding-standards
This repository contains CodeQL queries and libraries which support various Coding Standards.
autosar cert code-scanning codeql coding-standards cpp14 functional-safety iso26262 misra
Last synced: 13 Apr 2025
https://github.com/microsoft/codeql-container
Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
codeql codeql-cli codeql-command codeql-container codeql-queries docker quality-ql-pack semmle
Last synced: 14 May 2025
https://github.com/j3ssie/codeql-docker
Ready to use docker image for CodeQL
codeql codeql-cli codeql-docker codql-cli docker sast static-analysis
Last synced: 23 Jul 2025
https://github.com/github/ghas-jira-integration
Synchronize GitHub Code Scanning alerts to Jira issues
Last synced: 04 Apr 2025
https://github.com/microsoft/windows-driver-developer-supplemental-tools
Supplemental open-source components for use in developing device drivers for Windows.
Last synced: 07 Apr 2025
https://github.com/marcono1234/codeql-jdk-docker
Unofficial Dockerfile and scripts for building CodeQL databases for the OpenJDK
Last synced: 10 Apr 2025
https://github.com/astteam/semgrep
"Understanding Semgrep in Depth": Finding vulnerabilities with Semgrep.
Last synced: 22 Feb 2025
https://github.com/zkoppert/advanced-security-enforcer
A GitHub action for organizations that enables advanced security code scanning on all new repos
actions advanced-security code-scanning codeql github-actions hacktoberfest
Last synced: 26 Jun 2025
https://github.com/github/codespaces-codeql
Get to know more about the concepts of CodeQL by trying our simple tutorials.
Last synced: 19 Oct 2025
https://github.com/williamkoller/my-readings
API of my readings, developed in Nest.js, MongoDB, Nginx and Dockerized
api api-rest authentication aws codeql codequality design-patterns docker mongodb nestjs nginx nginx-docker nginx-proxy s3 server-side solid solid-principles swagger swagger-express typescript
Last synced: 28 Apr 2025
https://github.com/tree-sitter/tree-sitter-ql
tree-sitter grammar for the CodeQL language
Last synced: 12 Apr 2025
https://github.com/advanced-security/codeql-bundle-action
Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
Last synced: 28 Apr 2025
https://github.com/jlleitschuh/lgtm_hack_scripts
Collection of Python helper APIs for interacting with LGTM.com in ways the official API doesn't support.
Last synced: 18 Mar 2025
https://github.com/gagliardetto/codebox
Generate CodeQL taint-tracking models for Go (along with tests) in a graphical UI
codeql codeql-taint-tracking generate-code golang
Last synced: 24 Aug 2025
https://github.com/advanced-security/gh-codeql-scan
GH CLI CodeQL Scan Extension
Last synced: 16 Sep 2025
https://github.com/blacktop/darwin-webkit-build
WebKit/JSC CodeQL Databases
codeql compile-commands-json darwin javascriptcore jsc webkit
Last synced: 02 Jul 2025
https://github.com/gagliardetto/codemill
CodeQL model generation for Go.
codegenerator codeql codeql-models
Last synced: 23 Mar 2025
https://github.com/advanced-security/set-codeql-language-matrix
Automatically set the CodeQL matrix job using the languages in your repository.
Last synced: 28 Apr 2025
https://github.com/GitHubSecurityLab/codeql-jupyter-kernel
Jupyter Kernel for CodeQL
codeql jupyter jupyter-kernels jupyter-notebook jupyter-notebooks
Last synced: 14 May 2025
https://github.com/david-wiggs/codeql-anywhere
Put the power of CodeQL in your pocket, take it with you to any CI 🚀
Last synced: 14 May 2025
https://github.com/mikeroyal/codeql-guide
CodeQL Guide
codeql codeql-cli codeql-command codeql-container codeql-docker container containerization docker secure security security-tools
Last synced: 13 May 2025
https://github.com/advanced-security/monorepo-filtering-workaround
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
actions-workflow advanced-security code-scanning codeql ghas monorepo sarif sast
Last synced: 28 Apr 2025
https://github.com/skills/configure-codeql-language-matrix
Learn how to simplify your code scanning workflows with CodeQL language matrices
codeql github-advanced-security skills-course
Last synced: 22 Apr 2025
https://github.com/advanced-security/monorepo-code-scanning-action
Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define
actions advanced-security code-scanning-ready codeql monorepo sast
Last synced: 14 Apr 2025
https://github.com/profjordanov/githubcards
React application developed for the Hybrid mobile applications class.
circleci codefactor codeql codespaces docker react students-manager
Last synced: 11 Sep 2025
https://github.com/nealfennimore/codeql-docker
CodeQL Docker wrapper
codeql codeql-cli codeql-command codeql-container codeql-docker
Last synced: 04 Mar 2025
https://github.com/isnackable/g8-codeql
DISM Final Year Project, Security Software Tool Development, CodeQL Scanner
advance-security code-scanning codeql security-tools
Last synced: 30 Mar 2025
https://github.com/artem-smotrakov/ql-fun
Examples of vulnerable code that can be detected by CodeQL queries.
Last synced: 22 Apr 2025
https://github.com/bonsite/bonsite
The official repository for Bonsite - The go to website for all your bonsai needs!
bonsai codeql drizzle-orm ecommerce neondb nextjs nodejs sonarcloud tailwindcss typescript web
Last synced: 12 Apr 2025
https://github.com/sin3point14/githubctf2020
The runner up submission of Github CTF 2020
Last synced: 17 Aug 2025
https://github.com/jguida941/contact-suite-spring-react
Full-stack contact, task, and appointment suite (Spring Boot 4.0.0 + React UI) with strict validation, defensive copies, JWT auth, JUnit 5 + AssertJ, JaCoCo and PITest, and multi-OS CI (Ubuntu and Windows on JDK 17/21) running SpotBugs, OWASP Dependency-Check, CodeQL, and ZAP, with the legacy service kept on the original-cs320 branch.
codeql continous-integration flyway full-stack github-actions jacoco-reports java junit-5 mutation-testing owasp-dependency-check pitest react rest-api spring-boot spring-data-jpa static-anaysis tailwindcss test-containers typescript vite
Last synced: 13 Jan 2026
https://github.com/kittysandbox-dotcom/parallel-code-scanning
A POC of how to run parallel code scanning a monorepo.
Last synced: 05 Oct 2025
https://github.com/rcowsill/workflow-scan-action
Scan GitHub Actions workflow files with CodeQL
actions codeql security workflow
Last synced: 03 Mar 2025
https://github.com/asadhasan/express-mongo-kubernetes
Basic Express service with MongoDB, deployed on Kubernetes.
axios buildpack codeql dependabot docker-compose eslint express github-actions helm kubernetes minikube mongodb mongoose multistage-docker nodejs npm okteto ts-jest tsc typescript
Last synced: 30 Dec 2025
https://github.com/kshyk/playwright-fw
codeql eslint git md playwright stale typescript workflows
Last synced: 19 Jan 2026
https://github.com/baloise-incubator/codeql2sonar-maven-plugin
Maven plugin parsing SARIF files created by CodeQL used for SonarQube issueReporter.
Last synced: 18 Sep 2025
https://github.com/coderdeltalan/ci-matrix-starter
Reusable GitHub Actions CI for Python/TypeScript with SBOM, CodeQL, Dependabot auto-merge, and PyPI publishing (OIDC Trusted Publisher). Always-green CI ready for DevSecOps.
always-green automation ci codeql cosign dependabot devsecops github-actions matrix node pnpm pre-commit pypi python reusable-workflows sbom security sigstore supply-chain typescript
Last synced: 04 Oct 2025
https://github.com/kshyk/cypress-fw
codeowners codeql cypress eslint git javascript md workflows
Last synced: 18 Jan 2026
https://github.com/nealfennimore/codeql-postgres-sql-injection
Testing CodeQL SQL injection queries
codeql codeql-docker pg sql-injection
Last synced: 08 Nov 2025
https://github.com/ugurcanerdogan/springboottemplate
It is a draft structure prepared for Spring Boot projects with JWT and others. Check the Readme for details.
bcrypt codeql dataloader dependabot docker docker-image dockerfile dto emailvalidation jwt jwt-authentication model mysql repo-service-controller role-based-authorization spring spring-boot spring-data spring-security springboot
Last synced: 06 Apr 2025
https://github.com/vinayaks439/golang-backend
Backend code practice in golang with psql with CI and opentelemetry (unit and integration tests with codeQL scan)
acid codeql golang jaeger-go opentelemetry postgresql sqlc tracing transactions
Last synced: 29 Mar 2025
https://github.com/felickz/codeql-tracer-netframework
Generates a CodeQL custom tracing configuration for ASP.NET to make MVCBuildViews and other compiler options conditional.
codeql codeql-cli codeql-exception
Last synced: 22 Nov 2025
https://github.com/j3ssie/sample-codeql-ci
This repository showcases GitHub Actions integrated with CodeQL for automated codebase security analysis.
Last synced: 24 Mar 2025
https://github.com/alexfariakof/easycryptosalt
Simple and efficient library for cryptographic operations in .NET. Uses the SHA-256 algorithm, along with the ability to compare hashes using a key and a salt.
codeql cryptography cryptography-algorithms csharp dotnet dotnet-core gitactions-workflow githubpackages nuget-package reportgenerator salt sha256-crypt singleton-pattern sonarcloud xunit xunit-tests
Last synced: 09 Apr 2025
https://github.com/gregoranders/idea-gradle-dependencies
JetBrains IntelliJ Gradle Dependencies Plugin
codeql gradle intellij-plugin java sonarcloud
Last synced: 13 Jun 2025
https://github.com/egregius313/qhelp-mode
Emacs mode for CodeQL qhelp documentation files
Last synced: 06 Oct 2025
https://github.com/fazledyn/sastquatch
(Work in progress) Simple static analysis tool based on CodeQL, Semgrep
codeql docker docker-image sast semgrep
Last synced: 12 Oct 2025
https://github.com/igorcamilo/tmdb-swift
Modern Swift client for The Movie Database (TMDB) API. Fetch movies, TV shows, and configuration data with pure Swift and multi-platform support.
api-client async-await codeql concurrency ios macos movies swift swift-package tmdb tv-shows tvos visionos watchos
Last synced: 21 Oct 2025
https://github.com/fguisso/backoffice-balm
BackOFFice Balm is a minimal Node.js/Express demo illustrating the Unvalidated Dynamic Method Call vulnerability in JavaScript.
Last synced: 22 Oct 2025
https://github.com/asadhasan/futurelearn-playwright-tests
Basic Playwright/test cross-browser test project
circleci codeql cross-browser-testing dependabot docker docker-compose eslint github-actions husky lint-staged nodejs npm playwright-test prettier sonarqube typescript
Last synced: 24 Oct 2025
https://github.com/felickz/custom-codeql
CodeQL customizations from @felickz!
Last synced: 27 Feb 2025
https://github.com/ivan-sincek/python-actions
Python SAST workflows.
codeql github-actions pytest python sast testing workflows yaml
Last synced: 16 Oct 2025
https://github.com/tkura37/workinghourscalculator
Break time and overtime calculation program
c codeql cpp github-actions googletest
Last synced: 13 Jun 2025
https://github.com/barkerbg001/sarif-to-excel
A Python tool to process SARIF reports into well-formatted Excel files with enhanced readability, dynamic column adjustments, and text wrapping for streamlined analysis and reporting.
code-quality codeql excel python qodana reporting-tool sarif sonarqube static-analysis
Last synced: 10 Sep 2025
https://github.com/johnfromspace/taskboard
A small C++ backend service used as a demo application for a Modern Practices in DevOps course final project.
backend cmake cmakelists codeql continuous-delivery continuous-integration cpp devops docker docker-images dockerfiles ghcr github-actions-enabled github-workflows gitops infrastructure-as-code k8s kubernetes kubernetes-cluster sast
Last synced: 24 Dec 2025
https://github.com/thiago-roock/apache-kafka-mvp
A ticket sales system divided into two parts, where one part keeps generating ticket sales in bulk, as if it were the peak sales hour for a major artist's show. So that the system does not go down, there is a processor for these sales, distributed across several applications to withstand the high demand for tickets sold.
apache-kafka codeql confluent-kafka dotnet-core vscode
Last synced: 29 Mar 2025
https://github.com/aplatkouski/react-redux-javascript-boilerplate
Application boilerplate for React and Redux, implemented in Javascript.
boilerplate bootstrap codeql eslint javascript prettier react redux stylelint travis-ci webpack5
Last synced: 16 Jan 2026
https://github.com/asadhasan/just-eat-cypress-tests
Cypress tests of Just-Eat's website.
a11y-testing browserstack circleci codeql cypress cypress- cypress-axe cypress-dashboard docker docker-compose eslint github-actions husky lighthouse lint-staged mochawesome pa11y parallel-tests prettier typescript
Last synced: 12 Aug 2025
https://github.com/xophmeister/codeql-playground
codeql playground static-analysis
Last synced: 09 Aug 2025
https://github.com/tuxcoding/.github
Template project for GitHub related files
actions codeql dependabot funding github issues maven pull-request template workflow
Last synced: 23 Jul 2025
https://github.com/smelc/sarge-security-codeql
Demonstration of writing custom CodeQL rules and running them in CI
Last synced: 08 Oct 2025
https://github.com/asadhasan/fastapi-projections-service
Playing with FastAPI by creating an investment projections service (using Nutmeg's calculator to actually calculate the projections)
bandit black codecov codeql dependabot docker-compose fastapi flake8 github-actions heroku isort mypy nginx-unit openapi owasp-zap pre-commit pydantic pytest python3 requests
Last synced: 21 Jan 2026
https://github.com/akshat120/task-management-system
Nothing Repository
codeql dbmate fullstack-development golang grpc html interfaces-api microservices postgresql powershell test-driven-development
Last synced: 02 Nov 2025
https://github.com/devpow112/codify-images
:computer: Simple tool for converting a set of images into inline JavaScript
codeql coveralls dependabot github-actions image-converter nodejs semantic-release
Last synced: 19 Apr 2025
https://github.com/laugiov/code-safety
Security Engineering reference: taint analysis benchmark comparing Pysa, CodeQL & Semgrep on a controlled Django app (16 OWASP Top 10 cases). Includes CI/CD integration with SARIF, ground truth validation, and enterprise scaling patterns.
appsec benchmark cicd-security codeql devsecops django owasp pysa python sarif sast security semgrep static-analysis taint-analysis vulnerability-detection
Last synced: 24 Dec 2025
https://github.com/advanced-security/codeql_container_example
This repository serves as an exemplary resource demonstrating how to set up CodeQL to scan containerized applications for vulnerabilities. Its primary objective is to showcase the implementation of CodeQL in the code scanning process.
codeql codescanning containers
Last synced: 27 Feb 2025
https://github.com/cake-contrib/cake.codeql.cli
This plugin is a set of Cake aliases for GitHub CodeQL CLI (.NET Core or .NET6 or greater) used for scanning code hosted on GitHub or GitHub Enterprise when GitHub Actions is not an option.
cake-addin cake-build cake-contrib codeql csharp
Last synced: 31 Mar 2025