grepmarx: source code static analysis platform for security auditors

Grepmarx – source code static analysis platform for security auditors

Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases.

source code static analysis

Features

Code scanning capabilities

  • Security code analysis (SAST – Static Analysis Security Testing)
  • Multiple languages support: C/C++, C#, Go, HTML, Java, Kotlin, JavaScript, TypeScript, OCaml, PHP, Python, Ruby, Bash, Rust, Scala, Solidity, Terraform, Swift
  • Multiple frameworks support Spring, Django, Flask, jQuery, Express, and Angular…
  • Inspector: automatic application features discovery

Analysis rules

  • 1600+ existing analysis rules
  • Easily extend analysis rules using Semgrep syntax: https://semgrep.dev/editor
  • Manage rules in rule packs to tailor code scanning

Extra

  • Analysis workbench designed to efficiently browse scan results
  • Scan code that doesn’t compile
  • Comprehensive LOC (Lines of Code) counter
  • … and a Dark Mode

Install & Use

Copyright (c) Microsoft Corporation. All rights reserved.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce