Top 381 static-analysis open source projects

Quality Police for Java projects
Automatically generates FORtran Documentation from comments within the code.
An open source script to perform malware static analysis on Portable Executable
Phpstan Phpunit
PHPUnit extensions and rules for PHPStan
Mobileapp Pentest Cheatsheet
The Mobile App Pentest cheat sheet was created to provide a concise collection of high-value information on specific mobile application penetration testing topics.
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Modernizer Maven Plugin
Detect uses of legacy Java APIs
🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Php Parser
A PHP parser written in PHP
A set of utilities for checking Go sources. This repository has migrated to
Codeql Go
The CodeQL extractor and libraries for Go.
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, analyzing source code to find vulnerabilities directly in it, and designed to be agile and easy to implement inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and JavaScript (Node.js).
D Scanner
Swiss-army knife for D source code
Protoc Gen Lint
A plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.
Php Static Analysis Tools
A reviewed list of useful PHP static analysis tools
Bolt is a language with in-built data-race freedom!
LibScout: Third-party library detector for Java/Android apps
Vulny Code Static Analysis
Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Custom Python linting through AST expressions
Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs
Prevent cloud misconfigurations during build-time for Terraform, CloudFormation, Kubernetes, Serverless framework and other infrastructure-as-code languages with Checkov by Bridgecrew.
✊ Detect non-inclusive language in your source code.
Code metrics for Java code by means of static analysis
Sbt Dependency Check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Analyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.
Find similar functions and classes in your JavaScript/TypeScript code
[DEPRECATED] Security Scanner for Ethereum Smart Contracts
An advanced semantic indexer for Ruby
Datalog compiler in Rust as a procedural macro
A static analyzer for Java, C, C++, and Objective-C
Java Code Static Metrics (Cohesion, Coupling, etc.)
R2frida Wiki
This repo aims at providing practical examples on how to use r2frida
Phpstan Deprecation Rules
PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well-known Java tool PMD. PHPMD can be seen as a user-friendly frontend application for the raw metrics stream measured by PHP Depend.
I18n Extract
Manage localization with static analysis. 🔍
Parser for Angular projects.
Perl Critic
The leading static analyzer for Perl. Configurable, extensible, powerful.
Ts Morph
TypeScript Compiler API wrapper for static analysis and programmatic code changes.
Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code
Crab Llvm
Static Analyzer for LLVM bitcode based on Abstract Interpretation
Psalm Plugin Laravel
A Psalm plugin for Laravel
Gcc Python Plugin
GCC plugin that embeds CPython inside the compiler
