Dg[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Scan BuildClang's scan-build re-implementation in python
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
PhpmetricsBeautiful and understandable static analysis tool for PHP
PhpmdPHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
TajsType Analyzer for JavaScript
TipStatic program analysis for TIP
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
GrepbugsA regex based source code scanner.
PhpstanPHP Static Analysis Tool - discover bugs in your code without running it!
TailorCross-platform static analyzer and linter for Swift.
CodecheckerCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
Pyc CfgPyc-cfg is a pure python control flow graph builder for almost all Ansi C programming language.
Cfmtcfmt is a tool to wrap Go comments over a certain length to a new line.
Sonar Java☕️ SonarSource Static Analyzer for Java Code Quality and Security
SonarjsSonarSource Static Analyzer for JavaScript and TypeScript
Phpdoc ParserNext-gen phpDoc parser with support for intersection types and generics
Sonar DotnetCode analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html
Preallocprealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Stan🕵️ Haskell STatic ANalyser
Cwe checkercwe_checker finds vulnerable patterns in binary executables
ClangMirror kept for legacy. Moved to https://github.com/llvm/llvm-project
grootStatic verification tool for DNS zone files
opemOPEM (Open Source PEM Fuel Cell Simulation Tool)
ebaEBA is a static bug finder for C.
nakedretnakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
identypoidentypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).
ExiaMillion-scale code analysis and refactoring toolkit for Java
unimportunimport is a Go static analysis tool to find unnecessary import aliases.
phpstan-netteNette Framework class reflection extension for PHPStan & framework-specific rules
Fortran-ToolsFortran compilers, preprocessors, static analyzers, transpilers, IDEs, build systems, etc.
lintsLint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command