AI agent that watches your errors and opens fix PRs

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST),…

My CV

My infrastructure on Proxmox

💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline

UI 컴포넌트 갤러리

12 Lessons to Get Started Building AI Agents

Go library for SARIF - Static Analysis Results Interchange Format

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

Random code for HashiCorp related projects, training, etc.

The Sparrow Static Analyzer

Globstar is a fast, feature-rich, and open-source static analysis toolkit for writing and running code checkers. Based on tree-sitter.

ECMAScript Specification (ECMA-262) Metalanguage

Generate parsers from tree-sitter grammars extended to support Semgrep patterns

Language Server for protocol buffers

Go bindings for tree-sitter

Lexer and parser generator for Python

Metasploit Framework

Linux kernel source tree

Java grammar for tree-sitter

Cross-platform Rust rewrite of the GNU coreutils

Conan - The open-source C and C++ package manager

Automatic test generation for Java

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

An incremental parsing system for programming tools

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Grammars written for ANTLR v4; expectation that the grammars are free of actions.