Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (+172.37%)
CkCode metrics for Java code by means of static analysis
Stars: ✭ 187 (+146.05%)
LibscoutLibScout: Third-party library detector for Java/Android apps
Stars: ✭ 217 (+185.53%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+2611.84%)
Mobileapp Pentest CheatsheetThe Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Stars: ✭ 3,051 (+3914.47%)
DiktatStrict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs
Stars: ✭ 196 (+157.89%)
go-recipes🦩 Tools for Go projects
Stars: ✭ 2,490 (+3176.32%)
SyntFind similar functions and classes in your JavaScript/TypeScript code
Stars: ✭ 178 (+134.21%)
CheckA set of utilities for checking Go sources. This repository has migrated to https://gitlab.com/opennota/check
Stars: ✭ 225 (+196.05%)
Pepper An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (+228.95%)
duplexDuplicate code finder for Elixir
Stars: ✭ 20 (-73.68%)
SyftCLI tool and library for generating a Software Bill of Materials from container images and filesystems
Stars: ✭ 196 (+157.89%)
Dg[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (+218.42%)
Woke✊ Detect non-inclusive language in your source code.
Stars: ✭ 190 (+150%)
SPDSEfficient and Precise Pointer-Tracking Data-Flow Framework
Stars: ✭ 38 (-50%)
Detect It EasyProgram for determining types of files for Windows, Linux and MacOS.
Stars: ✭ 2,982 (+3823.68%)
Revive🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Stars: ✭ 3,139 (+4030.26%)
Rubysonaran advanced semantic indexer for Ruby
Stars: ✭ 175 (+130.26%)
newrelic-unix-monitorMonitoring service for Unix (AIX, Linux, HP-UX, MacOS, Solaris) systems
Stars: ✭ 26 (-65.79%)
JpeekJava Code Static Metrics (Cohesion, Coupling, etc.)
Stars: ✭ 168 (+121.05%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+184.21%)
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+4665.79%)
Phpstan Deprecation RulesPHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.
Stars: ✭ 160 (+110.53%)
FordAutomatically generates FORtran Documentation from comments within the code.
Stars: ✭ 245 (+222.37%)
BoltBolt is a language with in-built data-race freedom!
Stars: ✭ 215 (+182.89%)
SCAFA Speculation-Aware Collaborative Dependence Analysis Framework
Stars: ✭ 25 (-67.11%)
Forbidden ApisPoliceman's Forbidden API Checker
Stars: ✭ 216 (+184.21%)
Phpstan PhpunitPHPUnit extensions and rules for PHPStan
Stars: ✭ 247 (+225%)
UTBotCppTool that generates unit test by C/C++ source code, trying to reach all branches and maximize code coverage
Stars: ✭ 59 (-22.37%)
SpotbugsSpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Stars: ✭ 2,569 (+3280.26%)
BellybuttonCustom Python linting through AST expressions
Stars: ✭ 196 (+157.89%)
code-reviewAutomated static analysis & linting bot for Mozilla repositories
Stars: ✭ 51 (-32.89%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+4600%)
RecafThe modern Java bytecode editor
Stars: ✭ 3,374 (+4339.47%)
iec-checkerStatic analysis of IEC 61131-3 programs
Stars: ✭ 36 (-52.63%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+146.05%)
Inline syscallInline syscalls made easy for windows on clang
Stars: ✭ 232 (+205.26%)
BodycloseAnalyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.
Stars: ✭ 181 (+138.16%)
tryceratopsA linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).
Stars: ✭ 381 (+401.32%)
Securify[DEPRECATED] Security Scanner for Ethereum Smart Contracts
Stars: ✭ 177 (+132.89%)
Php ParserA PHP parser written in PHP
Stars: ✭ 15,101 (+19769.74%)
CrepeDatalog compiler in Rust as a procedural macro
Stars: ✭ 175 (+130.26%)
InferA static analyzer for Java, C, C++, and Objective-C
Stars: ✭ 12,823 (+16772.37%)
Codeql GoThe CodeQL extractor and libraries for Go.
Stars: ✭ 224 (+194.74%)
R2frida WikiThis repo aims at providing practical examples on how to use r2frida
Stars: ✭ 168 (+121.05%)
RubycriticA Ruby code quality reporter
Stars: ✭ 2,841 (+3638.16%)
D ScannerSwiss-army knife for D source code
Stars: ✭ 221 (+190.79%)
SDASDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Stars: ✭ 98 (+28.95%)
sturdySturdy is a library for developing sound static analyses in Haskell.
Stars: ✭ 49 (-35.53%)
lint-checksA set of opinionated and useful lint checks
Stars: ✭ 61 (-19.74%)
QuliceQuality Police for Java projects
Stars: ✭ 250 (+228.95%)
Protoc Gen LintA plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.
Stars: ✭ 221 (+190.79%)