SpotbugsSpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Stars: ✭ 2,569 (+46.97%)
Mutual labels: static-analysis, hacktoberfest, code-analysis, findbugs
phan-taint-check-pluginGithub mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)
Stars: ✭ 21 (-98.8%)
Mutual labels: security-audit, static-analysis, taint-analysis
Larastan⚗️ Adds code analysis to Laravel improving developer productivity and code quality.
Stars: ✭ 3,554 (+103.32%)
Mutual labels: static-analysis, hacktoberfest, code-analysis
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-89.3%)
Mutual labels: static-analysis, security-audit, owasp
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+484.21%)
Mutual labels: static-analysis, owasp, cwe
auraPython source code auditing and static analysis on a large scale
Stars: ✭ 101 (-94.22%)
Mutual labels: security-audit, static-analysis, taint-analysis
static-code-analysis-pluginA plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.
Stars: ✭ 36 (-97.94%)
Mutual labels: findbugs, static-analysis, code-analysis
Pyre CheckPerformant type-checking for python.
Stars: ✭ 5,716 (+227%)
Mutual labels: static-analysis, taint-analysis
PdependPHP_Depend is an adaptation of the established Java development tool JDepend. This tool shows you the quality of your design in terms of extensibility, reusability and maintainability.
Stars: ✭ 727 (-58.41%)
Mutual labels: hacktoberfest, code-analysis
Php Language ServerPHP Implementation of the VS Code Language Server Protocol 🆚↔🖥
Stars: ✭ 1,019 (-41.7%)
Mutual labels: static-analysis, code-analysis
Terraform Security ScanRun a security scan on your terraform with the very nice https://github.com/liamg/tfsec
Stars: ✭ 64 (-96.34%)
Mutual labels: static-analysis, hacktoberfest
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (-68.54%)
Mutual labels: static-analysis, owasp
Zap ExtensionsOWASP ZAP Add-ons
Stars: ✭ 486 (-72.2%)
Mutual labels: hacktoberfest, owasp
BrakemanA static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+259.32%)
Mutual labels: static-analysis, security-audit
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+258.7%)
Mutual labels: hacktoberfest, owasp
SpoonSpoon is a metaprogramming library to analyze and transform Java source code (up to Java 15). 🥄 is made with ❤️, 🍻 and ✨. It parses source files to build a well-designed AST with powerful analysis and transformation API.
Stars: ✭ 1,078 (-38.33%)
Mutual labels: static-analysis, code-analysis
Eslint Plugin SonarjsSonarJS rules for ESLint
Stars: ✭ 458 (-73.8%)
Mutual labels: static-analysis, code-analysis
Pysonar2PySonar2: an advanced semantic indexer for Python
Stars: ✭ 1,074 (-38.56%)
Mutual labels: static-analysis, code-analysis
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+419.34%)
Mutual labels: hacktoberfest, owasp
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-95.48%)
Mutual labels: static-analysis, security-audit