## semgrep

<br>

* **[semgrep](https://github.com/semgrep/semgrep)** is the coolest tool for static analysis (searches code, finds bugs, and enforces secure guardrails and coding standards). 

<br>

---

### cool redings

<br>


* **[semgrep guide, by trails of bits](https://appsec.guide/docs/static-analysis/semgrep/)**
* **[semgrep rules for smart contracts, by raz0r](https://github.com/Raz0r/semgrep-smart-contracts)**