RelBinsec/Rel is an extension of Binsec that implements relational symbolic execution for constant-time verification and secret-erasure at binary-level.
Stars: ✭ 27 (-41.3%)
Php ParserA PHP parser written in PHP
Stars: ✭ 15,101 (+32728.26%)
DeepstateA unit test-like interface for fuzzing and symbolic execution
Stars: ✭ 603 (+1210.87%)
Larastan⚗️ Adds code analysis to Laravel improving developer productivity and code quality.
Stars: ✭ 3,554 (+7626.09%)
jayhornStatic checker for Java
Stars: ✭ 54 (+17.39%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+369.57%)
CredoA static code analysis tool for the Elixir language with a focus on code consistency and teaching.
Stars: ✭ 4,144 (+8908.7%)
Protoc Gen LintA plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.
Stars: ✭ 221 (+380.43%)
static-code-analysis-pluginA plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.
Stars: ✭ 36 (-21.74%)
ClairVulnerability Static Analysis for Containers
Stars: ✭ 8,356 (+18065.22%)
LibscoutLibScout: Third-party library detector for Java/Android apps
Stars: ✭ 217 (+371.74%)
pyc2bytecodeA Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (+52.17%)
EngineDroidefense: Advance Android Malware Analysis Framework
Stars: ✭ 386 (+739.13%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (+350%)
SyftCLI tool and library for generating a Software Bill of Materials from container images and filesystems
Stars: ✭ 196 (+326.09%)
Pyre CheckPerformant type-checking for python.
Stars: ✭ 5,716 (+12326.09%)
DiktatStrict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs
Stars: ✭ 196 (+326.09%)
binary-decompilationExtracting high level semantic information from binary code
Stars: ✭ 55 (+19.57%)
Woke✊ Detect non-inclusive language in your source code.
Stars: ✭ 190 (+313.04%)
EnlightnYour performance & security consultant, an artisan command away.
Stars: ✭ 378 (+721.74%)
CkCode metrics for Java code by means of static analysis
Stars: ✭ 187 (+306.52%)
Fortran-ToolsFortran compilers, preprocessors, static analyzers, transpilers, IDEs, build systems, etc.
Stars: ✭ 31 (-32.61%)
SlitherStatic Analyzer for Solidity
Stars: ✭ 759 (+1550%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (+452.17%)
adelaideThe SECBIT Static Analysis Extension to Solidity Compiler
Stars: ✭ 16 (-65.22%)
SyntFind similar functions and classes in your JavaScript/TypeScript code
Stars: ✭ 178 (+286.96%)
malossTowards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
Stars: ✭ 46 (+0%)
Rubysonaran advanced semantic indexer for Ruby
Stars: ✭ 175 (+280.43%)
GrypeA vulnerability scanner for container images and filesystems
Stars: ✭ 362 (+686.96%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+4380.43%)
clair-cicdMaking CoreOS' Clair easily work in CI/CD pipelines
Stars: ✭ 27 (-41.3%)
JpeekJava Code Static Metrics (Cohesion, Coupling, etc.)
Stars: ✭ 168 (+265.22%)
PhanPhan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Stars: ✭ 5,194 (+11191.3%)
BEFA-LibraryHigh-level library for executable binary file analysis
Stars: ✭ 14 (-69.57%)
PhpmdPHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
Stars: ✭ 1,992 (+4230.43%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+5784.78%)
JAWJAW: A Graph-based Security Analysis Framework for JavaScript and Client-side CSRF
Stars: ✭ 26 (-43.48%)
NgastParser for Angular projects.
Stars: ✭ 152 (+230.43%)
alpine-shellcheckDocker image for Alpine Linux with latest ShellCheck, a static analysis tool for shell scripts.
Stars: ✭ 12 (-73.91%)
DetektStatic code analysis for Kotlin
Stars: ✭ 4,169 (+8963.04%)
SootSoot - A Java optimization framework
Stars: ✭ 2,049 (+4354.35%)
clamStatic Analyzer for LLVM bitcode based on Abstract Interpretation
Stars: ✭ 180 (+291.3%)
Gcc Python PluginGCC plugin that embeds CPython inside the compiler
Stars: ✭ 140 (+204.35%)
Phpdoc ParserNext-gen phpDoc parser with support for intersection types and generics
Stars: ✭ 569 (+1136.96%)
kccA Small C Compiler
Stars: ✭ 18 (-60.87%)
StoatSTatic (LLVM) Object file Analysis Tool
Stars: ✭ 44 (-4.35%)
DomtresatDominator Tree LLVM Pass to Test Satisfiability
Stars: ✭ 42 (-8.7%)
MedusaAn open source interactive disassembler
Stars: ✭ 946 (+1956.52%)
Error ProneCatch common Java mistakes as compile-time errors
Stars: ✭ 5,799 (+12506.52%)
Awesome LintersA community-driven list of awesome linters.
Stars: ✭ 439 (+854.35%)
mobsfscanmobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
Stars: ✭ 148 (+221.74%)