Dhscanner is a highly parallel static code analyzer (SAST engine). It aims to compete with established solutions like Semgrep, Opengrep and CodeQL, while being completely free for both public and private repositories. The feature that allows it to discriminate false-positive findings is its ability to semantically understand user-input sanitization. This feature enabled us to achieve a significantly lower false-alarm ratio compared to other SAST solutions.

Info

Dhscanner was built as a collaborative research effort by a team of programming-languages PhDs from Tel Aviv University.

There are three ways to use dhscanner:

  • From CI/CD pipelines (👈 preferred and easiest way)
  • From the CLI
  • Using our "monstrous" server (mostly for research)

Info

It is possible to shift your non-research workload to our server. Please open an issue if this is relevant to your needs.