✊ Detect non-inclusive language in your source code.

Awesome Java Security Resources 🕶☕🔐

A plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.

Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

LibScout: Third-party library detector for Java/Android apps

Code metrics for Java code by means of static analysis

The CodeQL extractor and libraries for Go.

Intellisense for PHP

Security scanner for your Terraform code

Custom Python linting through AST expressions

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

Bolt is a language with in-built data-race freedom!

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

Swiss-army knife for D source code

Code Climate CLI

Policeman's Forbidden API Checker

⚗️ Adds code analysis to Laravel improving developer productivity and code quality.

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

A reviewed list of useful PHP static analysis tools