grepmarx v0.4.2 releases: source code static analysis platform for security auditors

Grepmarx – source code static analysis platform for security auditors

Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases.

Features

Code scanning capabilities

• Security code analysis (SAST – Static Analysis Security Testing)
• Multiple languages support: C/C++, C#, Go, HTML, Java, Kotlin, JavaScript, TypeScript, OCaml, PHP, Python, Ruby, Bash, Rust, Scala, Solidity, Terraform, Swift
• Multiple frameworks support Spring, Django, Flask, jQuery, Express, and Angular…
• Inspector: automatic application features discovery

Analysis rules

• 1600+ existing analysis rules
• Easily extend analysis rules using Semgrep syntax: https://semgrep.dev/editor
• Manage rules in rule packs to tailor code scanning

Extra

• Analysis workbench designed to efficiently browse scan results
• Scan code that doesn’t compile
• Comprehensive LOC (Lines of Code) counter
• … and a Dark Mode

Changelog v0.4.2

• Add support for C#
• Adjust workbench styles
• Switch dark mode without page refresh (except for the workbench)
• Bugfix: project list was continuously refreshing if a project was in state Pending

Install & Use

Copyright (c) Microsoft Corporation. All rights reserved.