My Personal Wiki

SAST Scanners

Static analysis tooling. Please LMK if you know of more!

Example usages for most of these can be found in this directory: https://github.com/Skelmis/Hermes/tree/master/home/analysis

Bandit (Python)

Good SAST tool for Python code.

Link: https://github.com/PyCQA/bandit
Usage: uvx bandit -q -r <folder>

Brakeman (Ruby)

Link: https://github.com/presidentbeef/brakeman
Usage: brakeman --no-exit-on-warn --no-exit-on-error -A --force <folder> (install separately)

gosec (Go)

Like Bandit, but for Go.

Link: https://github.com/securego/gosec
Usage: gosec -quiet <folder> (install separately)

Semgrep (Generic)

Generic scanner for all the things. Non-commercial usage only.

Link: https://github.com/semgrep/semgrep
Usage: uvx semgrep scan -q --config auto --no-git-ignore <folder>

A more ‘open’ version of this also exists: https://github.com/opengrep/opengrep
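As an added example (not from this wiki or the Hermes repository), the script below ties the four entries above together: it picks which scanners apply to a target folder by looking at the file extensions present, then runs each applicable scanner that is actually installed, using exactly the flags listed on this page. The extension-to-scanner mapping and the check for `uvx` as the launcher for Bandit and Semgrep are assumptions of this script, not something the tools themselves require.

```shell
#!/usr/bin/env sh
# Added example: run the SAST scanners from this page against one folder.
# Assumptions (not from the wiki): Python/Ruby/Go are detected purely by
# file extension, Semgrep always applies, and Bandit/Semgrep are launched
# through uvx as in the usage lines above.
set -u

# Print the scanners that apply to a directory, space separated.
# Semgrep is generic, so it is always included; the others are added
# when at least one matching source file exists anywhere in the tree.
applicable_scanners() {
    dir="$1"
    scanners="semgrep"
    if find "$dir" -type f -name '*.py' | grep -q .; then
        scanners="$scanners bandit"
    fi
    if find "$dir" -type f -name '*.rb' | grep -q .; then
        scanners="$scanners brakeman"
    fi
    if find "$dir" -type f -name '*.go' | grep -q .; then
        scanners="$scanners gosec"
    fi
    printf '%s\n' "$scanners"
}

# Run one scanner by name. Return codes: 2 = unknown scanner,
# 3 = required executable not installed, otherwise the scanner's own
# exit status. The argument list is rebuilt with `set --` so that a
# folder path containing spaces is passed through intact.
run_scanner() {
    dir="$2"
    case "$1" in
        bandit)   set -- uvx bandit -q -r "$dir" ;;
        brakeman) set -- brakeman --no-exit-on-warn --no-exit-on-error -A --force "$dir" ;;
        gosec)    set -- gosec -quiet "$dir" ;;
        semgrep)  set -- uvx semgrep scan -q --config auto --no-git-ignore "$dir" ;;
        *)        echo "unknown scanner: $1" >&2; return 2 ;;
    esac
    # $1 is now the executable (uvx, brakeman or gosec)
    if ! command -v "$1" >/dev/null 2>&1; then
        echo "skip: $1 is not installed" >&2
        return 3
    fi
    echo "== $*" >&2
    "$@"
}

# Run every applicable scanner; return the number that reported a
# non-zero status (missing tools are skipped, not counted as failures).
run_scans() {
    dir="$1"
    failed=0
    for s in $(applicable_scanners "$dir"); do
        rc=0
        run_scanner "$s" "$dir" || rc=$?
        if [ "$rc" -ne 0 ] && [ "$rc" -ne 3 ]; then
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}

# Usage: ./sast.sh <folder>
if [ "$#" -gt 0 ]; then
    run_scans "$1"
fi
```

Because the scanners' own exit codes are preserved, the script fits into CI as a gate: a non-zero return from `run_scans` means at least one installed scanner flagged something or crashed, while a missing tool only produces a "skip" line on stderr.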