PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
TritonTriton is a Dynamic Binary Analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a dynamic taint engine, AST representations of the x86, x86-64, ARM32 and AArch64 Instructions Set Architecture (ISA), SMT simplification passes, an SMT solver interface and, the last but not least, Python bindings.
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
PsalmA static analysis tool for finding errors in PHP applications
stack-guardA toy implementation of 'Stack Guard' on top of the LLVM compiler toolchain
phan-taint-check-pluginGithub mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)
auraPython source code auditing and static analysis on a large scale
FAROSFAROS: Illuminating In-Memory Injection Attacks via Provenance-based Whole System Dynamic Information Flow Tracking
libdft64libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
augurPerformant taint analysis for Node.js