Skip to content

CompSAST/CompSAST

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SAST scanners comparison

Semgrep CodeQL SonarQube PVS-Studio Opengrep PMD Joern

The following repository aimed to research what popular static analisys security testing (SAST) tools are best in vulnerabilities finding. The experiment would take several SAST instruments that able to multi-language scan in application, therefore, tools like Bandit or Clang-analizer are not in the testing list.

Main research file: RESEARCH

SAST tools to compare:

Benchmarks to test

About

Practival research to compare popular SAST tools

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors