587 Open source projects that are alternatives of or similar to aura

Github mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

🐞 Primitive Erlang Security Tool

Making CoreOS' Clair easily work in CI/CD pipelines

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Performant type-checking for python.

A static analysis tool for finding errors in PHP applications

A static analysis security vulnerability scanner for Ruby on Rails applications

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Go Taint CHeck Analyser

a taint tracer based on DynamoRIO, currently ARM only

gqlanalysis makes easy to develop static analysis tools for GraphQL in Go.

OCCAM: Object Culling and Concretization for Assurance Maximization

Interface to PHPStan (PHP static analyzer)

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.

A free and open-source SonarQube plugin for static code analysis of Scala projects.

C++ compile-time programming (serialization, reflection, code modification, enum to string, better enum, enum to json, extend or parse language, etc.)

The SECBIT Static Analysis Extension to Solidity Compiler

`mllint` is a command-line utility to evaluate the technical quality of Python Machine Learning (ML) projects by means of static analysis of the project's repository.

RubySec Field Guide

CPU-guided performance analyzer for Go

FAROS: Illuminating In-Memory Injection Attacks via Provenance-based Whole System Dynamic Information Flow Tracking

Magic number detector for Go.

CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.

🏥 PHPDoctor: Check files, full directories or strings for missing or bad PHPDoc types.

A Github Repository Created to compliment a BSides Canberra 2018 talk on SharePoint Security.

Detect deeply nested if statements in Go source code

SonarLint integration for Apache Netbeans

SonarQube CSS / SCSS / Less Analyzer

PHPStan based SQL static analysis and type inference for the database access layer

Scan Singularity container images using a Clair server

RFMap - Radio Frequency Mapper

Scalpel: The Python Static Analysis Framework

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

Fortran compilers, preprocessors, static analyzers, transpilers, IDEs, build systems, etc.

A graph-based static-dynamic hybrid DEX code analysis tool

A Small C Compiler

unimport is a Go static analysis tool to find unnecessary import aliases.

Custom sniffs for PHP_CodeSniffer

Defund the Police.

WordPress extensions for PHPStan ⛏️

Wanna get DRY? Static analysis tool for detecting repeat code.

RAML Linter

Nette Framework class reflection extension for PHPStan & framework-specific rules

libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)

PhpSpec extension for PHPStan

Automatic test case generation for python and static analysis library

A tool which performs static analyses on Decision Model Notation (DMN) files to detect bugs

Want to see how something like Internet Chemotherapy works without bricking your own vms? This is a jail to reduce the python runtime from doing bad things on the host when running untrusted code. Nerf what you do not need 👾 + 🐛 ⚽ 🏈 🐳

PHP Static Analysis in Github Actions.

Docker auditing and enumeration script.

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

PhpCodeAnalyzer scans codebase and analyzes which non-built-in php extensions used

Infer mvn deps from sources

A Golang tool that does static analysis, unit testing, code review and generate code quality report.

persistent monitor (for static source code analysis, GCC based)

Phantom types for Python.

LIFARS Networking Security GNU/Linux distro

Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command

The missing CMake project initializer