Docs

Reading

Articles

• CodeQL for Beginners
• Finding your presents using CodeQL: "When I was a kid, I could not contain my excitement about Christmas. Meeting my extended family, having a great dinner with lots of laughter and joy. There was a tradition for the kids to search for Christmas presents in the living room. Be it behind the couch, between the Christmas tree branches, or way up on the shelf. Given how much I enjoyed the journey of finding the presents each year, my parents tried to make it a bit more interesting. Sometimes using wrapping paper that matched the wallpaper, sometimes by hiding it inside the chimney. This game reached a point that the stashes were so good that I could not find all the presents anymore and at one point, even my parents forgot where they put all the gifts. Long story short, I found the present eventually…3 months later, tucked away in the bookshelf, wrapped in the book cover. Fast forward to today; let’s get some help using technology to find our presents this year. This year, let’s turn the complexity up a notch and use a whole codebase as a searching ground for our presents. The good thing is that we can hide a lot more gifts in our codebase due to its inherent complexity. We have a lot of actors (our team) that can hide presents – either accidentally or even deliberately 🤫. For the sake of simplicity, let’s assume we’re hosting our code on GitHub, as this offers us an easy way to set up some of the other things we need in our journey to find all the presents."

Papers

• Algebraic Data Types for Object-oriented Datalog

Getting Started and Guides (along side the official docs)

• CodeQL Learning Catalog - The CodeQL Learning Catalog is a resource dedicated providing detailed CodeQL learning resources. The Catalog contains workshops, recordings, and learning paths for improving your knowledge and skill in using CodeQL.
• GitHub Security Lab - From trying out CodeQL to secure your own code to collecting bug bounties by securing others', here are a few ways we can keep the world's software safe, together.
• testing-handbook - The Trail of Bits Testing Handbook is a resource that guides developers and security professionals in configuring, optimizing, and automating many of the static and dynamic analysis tools used at Trail of Bits.
• Custom Configuration File

Documentation

• How to write CodeQL Queries
• CodeQL Language Guide
• QL Language reference
• CodeQL Standard Libraries
• CodeQL Query Help
• Full CodeQL Documentation

Blogs

• GitHub - CodeQL zero to hero series
• GitHub - How GitHub uses CodeQL to secure GitHub

YouTube learning

• Find bugs in your code with CodeQL
• Finding security vulnerabilities in JavaScript with CodeQL
• Finding security vulnerabilities in Java with CodeQL
• Finding security vulnerabilities in C/C++ with CodeQL
• CodeQL as an Audit Oracle

Software

Installers

• GH CodeQL - GitHub CLI Extension for CodeQL to help manage installation
• grab_ql - Grab some/all of CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and VSCode QL extension
• codeql-anywhere - Put the power of CodeQL in your pocket, take it with you to any CI 🚀
• codeql-jupyter-kernel - Jupyter Kernel for CodeQL
• homebrew-cask - Homebrew cask to install the CodeQL CLI brew install --cask codeql

CLI Tooling

• gh-codeql - GitHub CLI extension for working with CodeQL
• gh-codeql-scan - GH CLI CodeQL Scan Extension
• gh-mrva - Multi-repo variant analysis CLI support

Customizations

• codeql-summarize - CodeQL Summary Generator to generate Models as Data (MaD) from CodeQL databases.

Packs

• GitHub-maintained packages
• GitHub Security Lab community - Collection of community-driven CodeQL query, library and extension packages. Blog: Announcing CodeQL Community Packs
• Trail of Bits - codeql-queries - CodeQL queries and packs developed by Trail of Bits
• GitHub codeql-coding-standards - This repository contains CodeQL queries and libraries which support various Coding Standards. (AUTOSAR C++, CERT-C++,CERT C, MISRA C)

Tooling (Bundles + Packs)

• codeql-bundle-action - Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations
• codeql-bunldle - CLI to build a custom CodeQL bundle
• gh-tailor - A tool for customizing CodeQL packs.

Libraries

• codeql-qtil - A library with a wide variety of handy CodeQL utilities, from simple to complex.

Queries/Bundles

• Microsoft solorigate queries
• GitHub codeql-coding-standards-bundle-releases - CodeQL bundles containing the CodeQL Coding Standards queries

Query Suites

• Only Critical Queries sample .qls
• OWASP Top 10 CWE Only .qls
• CodeQL per Suite Query list - download the attached code-scanning-query-list.csv artifact.

Troubleshooting

• CodeQL Build Failure Troubleshooting
• GitHub SARIF Upload Troubleshooting
• CodeQL Coding Standards - Hazard and risk analysis

Monorepo Actions Samples

• parallel-code-scanning - An example of a GitHub Actions workflow showing how code scanning with CodeQL can be parallelized on monorepos.
• multi-lang-monorepo - A repo that demonstrates using an Actions workflow Job matrix to run parallel CodeQL scans on applications in a monorepo.
• sample-javascript-monorepo - Detached fork of babel/babel to use as a TypeScript monorepo sample with 150+ packages using the monorepo-code-scanning-action

Actions Helpers

• set-codeql-language-matrix - Automatically set the CodeQL matrix job using the languages in your repository.
• filter-sarif - GitHub Action for filtering Code Scanning alerts by path and id
• sarif-toolkit - Allows users to split up SARIF files that use submodules into multiple SARIF files that are then published to there appropriate repositories.
• codeql-debug - Add this action to an existing CodeQL analysis workflow to generate an html report
• dismiss-alerts - Dismisses GitHub Code Scanning alerts from //codeql[supress reason] style comments on the default branch
• adjust-cvss - Adjust the severity of the CVSS score assigned to a result in SARIF file
• codeql-sarif-security-standard-annotator - Add an owasp-top10-2021 tag to relevant results
• delombok - Delombok Java Code for analysis with Code Scanning (deprecated - now supported by CodeQL)
• badge-generator - Magically generate Markdown badges for your docs 🛡️ 🦡 🧙
• monorepo-code-scanning-action - Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define
• codeql-extractor-action - An Action that allows you to specify a CodeQL extractor to be used in your workflows as an author of an Extractor.

SARIF

• Visual Studio SARIF Viewer - Visual Studio Static Analysis Results Interchange Format (SARIF) log file viewer
• VSCode SARIF Viewer - Adds support for viewing SARIF logs in Visual Studio Code
• IntelliJ SARIF Viewer
• SARIF Viewer Web Component
• psastras/sarif-rs-sarif-fmt - This crate provides a command line tool to pretty print SARIF files to easy human readable output.

Containers

• codeql-docker - CodeQL Docker image
• codeql-container - Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
• codeql_container_example - Example showing CodeQL to scan containerized applications in GitHub Actions.
• codeql-container-builds - Blog walking through the complexities of implementing containerized CodeQL workloads sprinkled with bits of Kubernetes wisdom.

Enforcement

• advanced-security-enforcer - A GitHub action for organizations that enables advanced security code scanning on all new repos
• codeql-selective-analysis - Make CodeQL a required status check for Pull Requests, but to skip the analysis in the case that only a certain subset of files are modified

Extractors

• codeql-extractor-iac - CodeQL Extractors, Library, and Queries for Infrastructure as Code ( Terraform / HCL, JSON, YAML, Container files, Bicep )
• codeql-extractor-bicep - CodeQL Extractor for Bicep Configurations
• codeql-kaleidoscope - CodeQL for LLVM Kaleidoscope (AST/CFG/SSA/Dataflow in separate commits)
• Powershell Extractor - CodeQL extractor, sample queries, and tools for Powershell
• CyScout Solidity Extractor - Run queries and detect vulnerabilities in your smart contracts using CodeQL-Solidity
• cobol-codeql - Archive of CodeQL support for COBOL (This is a one-off release of code for supporting analysis of COBOL programs using QL. The release of this code does not imply any intention to support it in the future.)

Extractor Helpers

• codeql-extractor-action - specify a CodeQL extractor to be used in your workflows as an author of an Extractor.

Samples

• sample-pipeline-files - This repository contains pipeline files for various CI/CD systems (AWS CodeBuild, Azure Devops, CircleCI, DroneCI, Jenkins, Tekton, Travis), illustrating how to integrate the CodeQL CLI Bundle for Automated Code Scanning
• Python Pickle - mapping a custom framework in python

Query Writing

• ReadMe Project - A beginner’s guide to running and managing custom CodeQL queries

---

Tags: tool   static analysis  

Last modified 02 November 2025

---

© 2020-2025 Ted Neward | Generated on 02.11.2025 07:35:51 | Mixed with Bootstrap v3.1.1 | Baked with JBake v2.6.5