phan-taint-check-plugin - GitHub mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)
Stars: ✭ 21 (-79.21%)
Find Sec Bugs - The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+1630.69%)
Pest - 🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-21.78%)
clair-cicd - Making CoreOS' Clair easily work in CI/CD pipelines
Stars: ✭ 27 (-73.27%)
Pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+1940.59%)
Pyre Check - Performant type-checking for Python.
Stars: ✭ 5,716 (+5559.41%)
Psalm - A static analysis tool for finding errors in PHP applications
Stars: ✭ 4,523 (+4378.22%)
Brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications
Stars: ✭ 6,281 (+6118.81%)
Sbt Dependency Check - SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+85.15%)
gotcha - Go Taint CHeck Analyser
Stars: ✭ 40 (-60.4%)
dynTaintTracer - a taint tracer based on DynamoRIO, currently ARM only
Stars: ✭ 32 (-68.32%)
gqlanalysis - gqlanalysis makes it easy to develop static analysis tools for GraphQL in Go.
Stars: ✭ 36 (-64.36%)
OCCAM - OCCAM: Object Culling and Concretization for Assurance Maximization
Stars: ✭ 20 (-80.2%)
phpstan.el - Interface to PHPStan (PHP static analyzer)
Stars: ✭ 22 (-78.22%)
Industrial-Security-Auditing-Framework - ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (-57.43%)
sonar-scala - A free and open-source SonarQube plugin for static code analysis of Scala projects.
Stars: ✭ 113 (+11.88%)
flextool - C++ compile-time programming (serialization, reflection, code modification, enum to string, better enum, enum to json, extend or parse language, etc.)
Stars: ✭ 32 (-68.32%)
adelaide - The SECBIT Static Analysis Extension to Solidity Compiler
Stars: ✭ 16 (-84.16%)
mllint - `mllint` is a command-line utility to evaluate the technical quality of Python Machine Learning (ML) projects by means of static analysis of the project's repository.
Stars: ✭ 67 (-33.66%)
rubysec - RubySec Field Guide
Stars: ✭ 41 (-59.41%)
go-perfguard - CPU-guided performance analyzer for Go
Stars: ✭ 58 (-42.57%)
FAROS - FAROS: Illuminating In-Memory Injection Attacks via Provenance-based Whole System Dynamic Information Flow Tracking
Stars: ✭ 16 (-84.16%)
go-mnd - Magic number detector for Go.
Stars: ✭ 153 (+51.49%)
codecat - CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.
Stars: ✭ 265 (+162.38%)
PHPDoctor - 🏥 PHPDoctor: Check files, full directories or strings for missing or bad PHPDoc types.
Stars: ✭ 54 (-46.53%)
SharePoint-Security - A GitHub Repository Created to complement a BSides Canberra 2018 talk on SharePoint Security.
Stars: ✭ 42 (-58.42%)
nestif - Detect deeply nested if statements in Go source code
Stars: ✭ 30 (-70.3%)
phpstan-dba - PHPStan based SQL static analysis and type inference for the database access layer
Stars: ✭ 163 (+61.39%)
clair-singularity - Scan Singularity container images using a Clair server
Stars: ✭ 14 (-86.14%)
RFMap - RFMap - Radio Frequency Mapper
Stars: ✭ 23 (-77.23%)
Scalpel - Scalpel: The Python Static Analysis Framework
Stars: ✭ 176 (+74.26%)
intercept - INTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (-46.53%)
Fortran-Tools - Fortran compilers, preprocessors, static analyzers, transpilers, IDEs, build systems, etc.
Stars: ✭ 31 (-69.31%)
jitana - A graph-based static-dynamic hybrid DEX code analysis tool
Stars: ✭ 35 (-65.35%)
kcc - A Small C Compiler
Stars: ✭ 18 (-82.18%)
unimport - unimport is a Go static analysis tool to find unnecessary import aliases.
Stars: ✭ 64 (-36.63%)
twly - Wanna get DRY? Static analysis tool for detecting repeat code.
Stars: ✭ 42 (-58.42%)
ramllint - RAML Linter
Stars: ✭ 18 (-82.18%)
phpstan-nette - Nette Framework class reflection extension for PHPStan & framework-specific rules
Stars: ✭ 87 (-13.86%)
libdft64 - libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
Stars: ✭ 174 (+72.28%)
klara - Automatic test case generation for Python and static analysis library
Stars: ✭ 250 (+147.52%)
dmn-check - A tool which performs static analyses on Decision Model Notation (DMN) files to detect bugs
Stars: ✭ 34 (-66.34%)
nerfball - Want to see how something like Internet Chemotherapy works without bricking your own vms? This is a jail to reduce the python runtime from doing bad things on the host when running untrusted code. Nerf what you do not need 👾 + 🐛 ⚽ 🏈 🐳
Stars: ✭ 19 (-81.19%)
phpstan - PHP Static Analysis in GitHub Actions.
Stars: ✭ 41 (-59.41%)
Blowhole - Docker auditing and enumeration script.
Stars: ✭ 21 (-79.21%)
cli - The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and Tencent.
Stars: ✭ 811 (+702.97%)
PhpCodeAnalyzer - PhpCodeAnalyzer scans a codebase and analyzes which non-built-in PHP extensions are used
Stars: ✭ 91 (-9.9%)
deps-infer - Infer mvn deps from sources
Stars: ✭ 36 (-64.36%)
goreporter - A Golang tool that does static analysis, unit testing, code review and generates a code quality report.
Stars: ✭ 3,019 (+2889.11%)
bismon - persistent monitor (for static source code analysis, GCC based)
Stars: ✭ 45 (-55.45%)
MantOS - LIFARS Networking Security GNU/Linux distro
Stars: ✭ 24 (-76.24%)
lints - Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command
Stars: ✭ 14 (-86.14%)
cmake-init - The missing CMake project initializer
Stars: ✭ 1,071 (+960.4%)