lintsLint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command
Stars: ✭ 14 (-26.32%)
Sonar Java☕️ SonarSource Static Analyzer for Java Code Quality and Security
Stars: ✭ 745 (+3821.05%)
Static Analysis⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
Stars: ✭ 9,310 (+48900%)
PhanPhan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Stars: ✭ 5,194 (+27236.84%)
ChronosChronos - A static race detector for the go language
Stars: ✭ 272 (+1331.58%)
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+2794.74%)
Dg[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (+1173.68%)
klaraAutomatic test case generation for python and static analysis library
Stars: ✭ 250 (+1215.79%)
MalScanA Simple PE File Heuristics Scanners
Stars: ✭ 41 (+115.79%)
ExakatThe Exakat Engine : smart static analysis for PHP
Stars: ✭ 346 (+1721.05%)
Go RuleguardDefine and run pattern-based custom linting rules.
Stars: ✭ 402 (+2015.79%)
Phpstan PhpunitPHPUnit extensions and rules for PHPStan
Stars: ✭ 247 (+1200%)
static file analysisAnalysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
Stars: ✭ 34 (+78.95%)
HorusecHorusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (+1536.84%)
DetektStatic code analysis for Kotlin
Stars: ✭ 4,169 (+21842.11%)
CodecheckerCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
Stars: ✭ 1,209 (+6263.16%)
BineeBinee: binary emulation environment
Stars: ✭ 408 (+2047.37%)
ZpaA parser and source code analyzer for PL/SQL and Oracle SQL.
Stars: ✭ 124 (+552.63%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (+357.89%)
cmd-call-graphA simple tool to generate a call graph for calls within Windows CMD (batch) files.
Stars: ✭ 37 (+94.74%)
duplexDuplicate code finder for Elixir
Stars: ✭ 20 (+5.26%)
swap-detectorA library for detecting swapped arguments in function calls, and a Clang Static Analyzer plugin used to demonstrate the library.
Stars: ✭ 19 (+0%)
pssaSingular Spectrum Analysis for time series forecasting in Python
Stars: ✭ 119 (+526.32%)
ScalpelScalpel: The Python Static Analysis Framework
Stars: ✭ 176 (+826.32%)
rstaticAn R package for static analysis of R code.
Stars: ✭ 32 (+68.42%)
Revive🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Stars: ✭ 3,139 (+16421.05%)
Forbidden ApisPoliceman's Forbidden API Checker
Stars: ✭ 216 (+1036.84%)
phpstan-netteNette Framework class reflection extension for PHPStan & framework-specific rules
Stars: ✭ 87 (+357.89%)
go-mndMagic number detector for Go.
Stars: ✭ 153 (+705.26%)
gotchaGo Taint CHeck Analyser
Stars: ✭ 40 (+110.53%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (+1236.84%)
SpotbugsSpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Stars: ✭ 2,569 (+13421.05%)
nakedretnakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
Stars: ✭ 82 (+331.58%)
Kube ScoreKubernetes object analysis with recommendations for improved reliability and security
Stars: ✭ 1,128 (+5836.84%)
PhpmndPHP Magic Number Detector
Stars: ✭ 431 (+2168.42%)
Analyzer🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (+468.42%)
ebaEBA is a static bug finder for C.
Stars: ✭ 14 (-26.32%)
static-code-analysis-pluginA plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.
Stars: ✭ 36 (+89.47%)
tryceratopsA linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).
Stars: ✭ 381 (+1905.26%)
CodeclimateCode Climate CLI
Stars: ✭ 2,273 (+11863.16%)
CilToolsA set of tools to work with CIL in .NET applications
Stars: ✭ 19 (+0%)
sbt-findbugsFindBugs static analysis plugin for sbt.
Stars: ✭ 47 (+147.37%)
unimportunimport is a Go static analysis tool to find unnecessary import aliases.
Stars: ✭ 64 (+236.84%)
SDASDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Stars: ✭ 98 (+415.79%)
identypoidentypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).
Stars: ✭ 26 (+36.84%)
analysis-modelA library to read static analysis reports into a Java object model
Stars: ✭ 74 (+289.47%)
Cpp2ILWork-in-progress tool to reverse unity's IL2CPP toolchain.
Stars: ✭ 689 (+3526.32%)
InferA static analyzer for Java, C, C++, and Objective-C
Stars: ✭ 12,823 (+67389.47%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+10747.37%)
SPDSEfficient and Precise Pointer-Tracking Data-Flow Framework
Stars: ✭ 38 (+100%)
constybleCSS complexity linter
Stars: ✭ 92 (+384.21%)
OpenStaticAnalyzerOpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.
Stars: ✭ 19 (+0%)
SqlServer.RulesSQL Server static code analysis rules for SSDT database projects
Stars: ✭ 20 (+5.26%)