CfripperLibrary and CLI tool for analysing CloudFormation templates and check them for security compliance.
PhpdeprecationdetectorAnalyzer of PHP code to search issues with deprecated functionality in newer interpreter versions.
KraneKubernetes RBAC static Analysis & visualisation tool
Bytecode ViewerA Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
DetektStatic code analysis for Kotlin
mobsfscanmobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
cppcheck-configsConfiguration files that allow cppcheck to provide better static analysis results
unimportA linter, formatter for finding and removing unused import statements.
freki🐺 Malware analysis platform
flycheck-elsaFlycheck integration for Elsa---Emacs lisp static analyzer
crusherNo description or website provided.
progge.rsProgram analysis playground for a simple, imperative language
MalScanA Simple PE File Heuristics Scanners
bridgecrew-actionThis Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.
monadic-cfaGeneric implementation of different CFA families based on monadic decomposition
static file analysisAnalysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
qodana-action⚙️ Scan your Java, Kotlin, PHP, Python, JavaScript, TypeScript projects at GitHub with Qodana
automutateApplies waves of mutations provided by other tools, such as linters or codemods.
infrared✨🚀 Blazing fast, inferred static type checker for JavaScript.
addlintAn example linter written with go/analysis for tutorial purposes
ethereum-dasmAn ethereum evm bytecode disassembler and static/dynamic analysis tool
golintuiA simple terminal UI for Go linters
pahoutA pair programming partner for writing better PHP. Pahout means PHP mahout 🐘
static-code-analysis-pluginA plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.
averroesJava bytecode generator for sound and precise partial program analysis
pyc2bytecodeA Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Debt-ManagerA personal app to store people that owe you money or you owe money to. "Mo Money Mo Problems" 🎵 - The Notorious B.I.G. 😎
SixtyPicalA 6502-oriented low-level programming language supporting advanced static analysis
opemOPEM (Open Source PEM Fuel Cell Simulation Tool)
malossTowards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
clair-cicdMaking CoreOS' Clair easily work in CI/CD pipelines
luacheckA tool for linting and static analysis of Lua code.
BEFA-LibraryHigh-level library for executable binary file analysis
JAWJAW: A Graph-based Security Analysis Framework for JavaScript and Client-side CSRF
LibPeckeran obfuscation-resilient, highly precise and reliable library detector for Android applications
alpine-shellcheckDocker image for Alpine Linux with latest ShellCheck, a static analysis tool for shell scripts.
SqlServer.RulesSQL Server static code analysis rules for SSDT database projects
clamStatic Analyzer for LLVM bitcode based on Abstract Interpretation
OpenStaticAnalyzerOpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.
surveyor📐 Tools for surveying Dart packages
vim-mypyVim plugin for executing Python's optional static type checker MyPy (http://mypy-lang.org/)
snapSnap Programming Language
IDA WrapperAn IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.