Source Code Analysis using Semgrep

NitinB
Aug 19, 2023

Hello folks, I would like to introduce Semgrep, a static analysis tool that scans source code locally on your machine. The Semgrep registry holds a large set of security rules that are updated regularly. Its best part is that you can write your own rules and scan source code with them. Isn't that amazing? Have a look at the Semgrep Playground!

Simply use pip to install Semgrep on your Kali box:

python3 -m pip install semgrep

Go to the source code directory and run a comprehensive Semgrep scan:

python3 -m semgrep --config auto

--config auto detects the languages in the source tree and automatically fetches matching rules from the Semgrep registry. It needs network access to the registry, so it will not work offline; pin a specific ruleset (as in the p/security-audit example below) when you need reproducible results across runs.

Check which languages Semgrep supports with --show-supported-languages:

python3 -m semgrep --show-supported-languages

Semgrep supports many popular languages.

Run the security-audit ruleset, which scans the code for potential security issues, with the following command:

semgrep --config p/security-audit
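The custom-rule ability mentioned at the top is the part worth trying for yourself. The following is an added example, not code from the original post or from the Semgrep project: it writes one custom rule that flags Python subprocess calls using shell=True with a non-literal command (the usual OS command injection shape, CWE-78), writes a fixture file in Semgrep's own test format, runs the rule's tests with semgrep --test, and then scans a target tree with only that rule. The directory and file names, the rule id and the fixture contents are this example's own choices; it assumes Semgrep is installed and on PATH, and it uses the semgrep --test form as documented for the 1.x releases.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): author a custom Semgrep rule,
# test it against a fixture, then scan with it. Names below are assumptions.
set -e

RULE_DIR="${RULE_DIR:-semgrep-custom}"

# Rule: subprocess.* called with shell=True where the command is not a plain
# string literal. A concatenated or formatted command string that reaches a
# shell is OS command injection (CWE-78) as soon as any part is attacker input.
write_rule() {
  mkdir -p "$RULE_DIR"
  cat > "$RULE_DIR/subprocess-shell-true.yaml" <<'EOF'
rules:
  - id: subprocess-shell-true-nonliteral
    languages: [python]
    severity: ERROR
    message: >-
      subprocess call runs a non-literal command string with shell=True.
      If any part of the string is attacker-controlled this is OS command
      injection (CWE-78). Pass an argument list and drop shell=True.
    metadata:
      cwe: "CWE-78: Improper Neutralization of Special Elements used in an OS Command"
      category: security
    patterns:
      # $FUNC and $CMD are metavariables; "..." in an argument list matches any args
      - pattern: subprocess.$FUNC($CMD, ..., shell=True, ...)
      - metavariable-regex:
          metavariable: $FUNC
          regex: ^(run|call|check_call|check_output|Popen)$
      # a bare string literal ("...") is a fixed command and is not injectable
      - pattern-not: subprocess.$FUNC("...", ..., shell=True, ...)
EOF
}

# Fixture in Semgrep's test format: a '# ruleid:' comment marks the next line
# as an expected finding, '# ok:' marks a line that must NOT match. The fixture
# shares the rule file's basename so `semgrep --test` pairs them up.
write_fixture() {
  cat > "$RULE_DIR/subprocess-shell-true.py" <<'EOF'
import subprocess

def list_dir(path):
    # ruleid: subprocess-shell-true-nonliteral
    return subprocess.check_output("ls -la " + path, shell=True)

def kernel_info():
    # ok: subprocess-shell-true-nonliteral
    return subprocess.check_output("uname -a", shell=True)

def list_dir_safe(path):
    # ok: subprocess-shell-true-nonliteral
    return subprocess.run(["ls", "-la", path], capture_output=True)
EOF
}

# Run the rule against its fixture; a non-zero exit means the ruleid/ok
# expectations in the fixture do not hold for the rule as written.
test_rule() {
  semgrep --test "$RULE_DIR"
}

# Scan a real tree with only this rule; --json gives machine-readable findings.
scan_with_rule() {
  semgrep --config "$RULE_DIR/subprocess-shell-true.yaml" --json "$1"
}

write_rule
write_fixture
if command -v semgrep >/dev/null 2>&1; then
  test_rule
  scan_with_rule "${1:-.}"
else
  echo "semgrep not installed: python3 -m pip install semgrep" >&2
fi
```

Save it as a script and run it with the directory to scan as the first argument. The pattern-not clause is the part that keeps the rule quiet on fixed commands such as "uname -a": without it, every shell=True call would fire and the rule would drown in noise. Once the fixture passes, the same rule file can be combined with registry rulesets by passing several --config flags to one scan.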
