A curated list of CodeQL resources.
CodeQL Getting Started and Guides (alongside the official docs)
- GitHub Security Lab - From trying out CodeQL to secure your own code to collecting bug bounties by securing others', here are a few ways we can keep the world's software safe, together.
- testing-handbook - The Trail of Bits Testing Handbook is a resource that guides developers and security professionals in configuring, optimizing, and automating many of the static and dynamic analysis tools used at Trail of Bits.
- grab_ql - Grab some/all of CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and VSCode QL extension
- codeql-anywhere - Put the power of CodeQL in your pocket, take it with you to any CI 🚀
- codeql-jupyter-kernel - Jupyter Kernel for CodeQL
- gh-codeql - GitHub CLI extension for working with CodeQL
- gh-codeql-scan - GH CLI CodeQL Scan Extension
- gh-mrva - Multi-repo variant analysis CLI support
- codeql-summarize - CodeQL Summary Generator to generate Models as Data (MaD) from CodeQL databases.
CodeQL Packs
- GitHub-maintained packages
- GitHub Security Lab community - Collection of community-driven CodeQL query, library and extension packages
- Trail of Bits - codeql-queries - CodeQL queries and packs developed by Trail of Bits
- GitHub codeql-coding-standards - This repository contains CodeQL queries and libraries which support various coding standards (AUTOSAR C++, CERT C++, CERT C, MISRA C).
- codeql-bundle-action - Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
- codeql-bundle - CLI to build a custom CodeQL bundle
- gh-tailor - A tool for customizing CodeQL packs.
- Microsoft solorigate queries
- GitHub codeql-coding-standards-bundle-releases - CodeQL bundles containing the CodeQL Coding Standards queries
- Only Critical Queries sample .qls
- OWASP Top 10 CWE Only .qls
- CodeQL per Suite Query list - download the attached code-scanning-query-list.csv artifact.
- CodeQL Build Failure Troubleshooting
- GitHub SARIF Upload Troubleshooting
- CodeQL Coding Standards - Hazard and risk analysis
- parallel-code-scanning - An example of a GitHub Actions workflow showing how code scanning with CodeQL can be parallelized on monorepos.
- multi-lang-monorepo - A repo that demonstrates using an Actions workflow Job matrix to run parallel CodeQL scans on applications in a monorepo.
- set-codeql-language-matrix - Automatically set the CodeQL matrix job using the languages in your repository.
- filter-sarif - GitHub Action for filtering Code Scanning alerts by path and id
- sarif-toolkit - Allows users to split up SARIF files that use submodules into multiple SARIF files that are then published to their appropriate repositories.
- codeql-debug - Add this action to an existing CodeQL analysis workflow to generate an HTML report
- dismiss-alerts - Dismisses GitHub Code Scanning alerts from //codeql[supress reason] style comments on the default branch
- adjust-cvss - Adjust the severity of the CVSS score assigned to a result in a SARIF file
- codeql-sarif-security-standard-annotator - Add an owasp-top10-2021 tag to relevant results
- delombok - Delombok Java code for analysis with Code Scanning (deprecated - now supported by CodeQL)
- badge-generator - Magically generate Markdown badges for your docs 🛡️ 🦡 🧙
- Visual Studio SARIF Viewer - Visual Studio Static Analysis Results Interchange Format (SARIF) log file viewer
- VSCode SARIF Viewer - Adds support for viewing SARIF logs in Visual Studio Code
- IntelliJ SARIF Viewer
- SARIF Viewer Web Component
- psastras/sarif-rs-sarif-fmt - This crate provides a command line tool to pretty print SARIF files to easy human readable output.
- codeql-docker - CodeQL Docker image
- codeql-container - Prepackaged and precompiled GitHub CodeQL container for rapid analysis, deployment and development.
- codeql_container_example - Example showing how to use CodeQL to scan containerized applications in GitHub Actions.
- codeql-container-builds - Blog walking through the complexities of implementing containerized CodeQL workloads sprinkled with bits of Kubernetes wisdom.
- advanced-security-enforcer - A GitHub action for organizations that enables advanced security code scanning on all new repos
- codeql-selective-analysis - Make CodeQL a required status check for pull requests, but skip the analysis when only a certain subset of files is modified
- codeql-extractor-iac - CodeQL extractors, library, and queries for Infrastructure as Code (Terraform/HCL, JSON, YAML, container files, Bicep)
- codeql-kaleidoscope - CodeQL for LLVM Kaleidoscope (AST/CFG/SSA/Dataflow in separate commits)
- PowerShell Extractor - CodeQL extractor, sample queries, and tools for PowerShell
- CyScout Solidity Extractor - Run queries and detect vulnerabilities in your smart contracts using CodeQL-Solidity
- sample-pipeline-files - This repository contains pipeline files for various CI/CD systems (AWS CodeBuild, Azure Devops, CircleCI, DroneCI, Jenkins, Tekton, Travis), illustrating how to integrate the CodeQL CLI Bundle for Automated Code Scanning
- Python Pickle - Mapping a custom framework in Python
- How to write CodeQL Queries
- CodeQL Language Guide
- QL Language reference
- CodeQL Standard Libraries
- CodeQL Query Help
- Full CodeQL Documentation
- Find bugs in your code with CodeQL
- Finding security vulnerabilities in JavaScript with CodeQL
- Finding security vulnerabilities in Java with CodeQL
- Finding security vulnerabilities in C/C++ with CodeQL
- CodeQL as an Audit Oracle
Contributions welcome! Read the contribution guidelines first.