Dogma🔐 A code style linter for Elixir
Sonar DotnetCode analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html
SalusSecurity scanner coordinator
GosecGolang security checker
PhpmndPHP Magic Number Detector
PsalmA static analysis tool for finding errors in PHP applications
Preallocprealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
SaferwallA hackable malware sandbox for the 21st Century
SqlvetGo fearless SQL. Sqlvet performs static analysis on raw SQL queries in your Go code base.
BineeBinee: binary emulation environment
Go RuleguardDefine and run pattern-based custom linting rules.
HuskyciPerforming security tests inside your CI
WalaT.J. Watson Libraries for Analysis
CredoA static code analysis tool for the Elixir language with a focus on code consistency and teaching.
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
EngineDroidefense: Advance Android Malware Analysis Framework
Go ToolsStaticcheck - The advanced Go linter
EnlightnYour performance & security consultant, an artisan command away.
Dss📄 Documented Style Sheets Parser
GrypeA vulnerability scanner for container images and filesystems
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Clang Tools Extra Mirror kept for legacy. Moved to https://github.com/llvm/llvm-project
ReekCode smell detector for Ruby
ExakatThe Exakat Engine : smart static analysis for PHP
CodecompassCodeCompass is a software comprehension tool for large scale software written in C/C++ and Java
SemgrepLightweight static analysis for many languages. Find bug variants with patterns that look like source code.
ClangkitClangKit provides an Objective-C frontend to LibClang. Source tokenization, diagnostics and fix-its are actually implemented.
Booster🚀Optimizer for mobile applications
PmdAn extensible multilanguage static code analyzer.
DlintDlint is a tool for encouraging best coding practices and helping ensure we're writing secure Python code.
PylintIt's not just a linter that annoys you!
HorusecHorusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
PytypeA static type analyzer for Python code
JaadasJoint Advanced Defect assEsment for android applications
Reviewdog🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Go CallvisVisualize call graph of a Go program using Graphviz
Cargo InspectPssst!... see what Rust is doing behind the curtains 🕵🤫
Sonar Php 🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint
Freki🐺 Malware analysis platform
RascalThe implementation of the Rascal meta-programming language (including interpreter, type checker, parser generator, compiler and JVM based run-time system)
NullawayA tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
CleancppprojectClean C++ project for you to use. Features: Modern CMake, CPack, Doxygen, PlantUML, Catch Unit testing, static analysis
LinterStatic Analysis Compiler Plugin for Scala
ChronosChronos - A static race detector for the go language
WotanPluggable TypeScript and JavaScript linter
SeahornSeaHorn Verification Framework
GoreporterA Golang tool that does static analysis, unit testing, code review and generate code quality report.