Static Analysis⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
Stars: ✭ 9,310 (+10019.57%)
Go RuleguardDefine and run pattern-based custom linting rules.
Stars: ✭ 402 (+336.96%)
goreporterA Golang tool that does static analysis, unit testing, code review and generate code quality report.
Stars: ✭ 3,019 (+3181.52%)
DetektStatic code analysis for Kotlin
Stars: ✭ 4,169 (+4431.52%)
GoreporterA Golang tool that does static analysis, unit testing, code review and generate code quality report.
Stars: ✭ 2,943 (+3098.91%)
ExakatThe Exakat Engine : smart static analysis for PHP
Stars: ✭ 346 (+276.09%)
nestifDetect deeply nested if statements in Go source code
Stars: ✭ 30 (-67.39%)
lintsLint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command
Stars: ✭ 14 (-84.78%)
D ScannerSwiss-army knife for D source code
Stars: ✭ 221 (+140.22%)
Cpp2ILWork-in-progress tool to reverse unity's IL2CPP toolchain.
Stars: ✭ 689 (+648.91%)
SqlServer.RulesSQL Server static code analysis rules for SSDT database projects
Stars: ✭ 20 (-78.26%)
BellybuttonCustom Python linting through AST expressions
Stars: ✭ 196 (+113.04%)
SpotbugsSpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Stars: ✭ 2,569 (+2692.39%)
jest-it-up🌐📈 Automatically bump up global Jest thresholds whenever coverage goes above them
Stars: ✭ 37 (-59.78%)
Revive🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Stars: ✭ 3,139 (+3311.96%)
ChronosChronos - A static race detector for the go language
Stars: ✭ 272 (+195.65%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (+176.09%)
HorusecHorusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (+238.04%)
VeribleVerible is a suite of SystemVerilog developer tools, including a parser, style-linter, and formatter.
Stars: ✭ 384 (+317.39%)
analysis-netStatic analysis framework for .NET programs.
Stars: ✭ 19 (-79.35%)
Elm AnalyseA tool that allows you to analyse your Elm code, identify deficiencies and apply best practices.
Stars: ✭ 418 (+354.35%)
BineeBinee: binary emulation environment
Stars: ✭ 408 (+343.48%)
PhpmndPHP Magic Number Detector
Stars: ✭ 431 (+368.48%)
Kube ScoreKubernetes object analysis with recommendations for improved reliability and security
Stars: ✭ 1,128 (+1126.09%)
CodecheckerCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
Stars: ✭ 1,209 (+1214.13%)
ZpaA parser and source code analyzer for PL/SQL and Oracle SQL.
Stars: ✭ 124 (+34.78%)
DiktatStrict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs
Stars: ✭ 196 (+113.04%)
Woke✊ Detect non-inclusive language in your source code.
Stars: ✭ 190 (+106.52%)
Protoc Gen LintA plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.
Stars: ✭ 221 (+140.22%)
BodycloseAnalyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.
Stars: ✭ 181 (+96.74%)
eaf-linter🤪 A linter, prettier, and test suite that does everything as-simple-as-possible.
Stars: ✭ 17 (-81.52%)
SDASDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Stars: ✭ 98 (+6.52%)
CflintStatic code analysis for CFML (a linter)
Stars: ✭ 156 (+69.57%)
QuerlyQuery Method Calls from Ruby Programs
Stars: ✭ 226 (+145.65%)
sbt-findbugsFindBugs static analysis plugin for sbt.
Stars: ✭ 47 (-48.91%)
dlintDlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
Stars: ✭ 130 (+41.3%)
MalScanA Simple PE File Heuristics Scanners
Stars: ✭ 41 (-55.43%)
Wallace CliPretty CSS analytics on the CLI
Stars: ✭ 281 (+205.43%)
static file analysisAnalysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
Stars: ✭ 34 (-63.04%)
RstcheckChecks syntax of reStructuredText and code blocks nested within it
Stars: ✭ 130 (+41.3%)
Nba apiAn API Client package to access the APIs for NBA.com
Stars: ✭ 881 (+857.61%)
Analyzer🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (+17.39%)
Sonar Java☕️ SonarSource Static Analyzer for Java Code Quality and Security
Stars: ✭ 745 (+709.78%)
tryceratopsA linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).
Stars: ✭ 381 (+314.13%)
Dg[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (+163.04%)
swap-detectorA library for detecting swapped arguments in function calls, and a Clang Static Analyzer plugin used to demonstrate the library.
Stars: ✭ 19 (-79.35%)
PhanPhan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Stars: ✭ 5,194 (+5545.65%)
ScalpelScalpel: The Python Static Analysis Framework
Stars: ✭ 176 (+91.3%)
go-perfguardCPU-guided performance analyzer for Go
Stars: ✭ 58 (-36.96%)
ramllintRAML Linter
Stars: ✭ 18 (-80.43%)
lint-html-with-cssLint HTML with CSS. A collection of CSS snippets from the hashtag #lintHTMLwithCSS on twitter. These CSS snippets intend to warn developers about common mistakes made in HTML.
Stars: ✭ 35 (-61.96%)
AbaplintStandalone linter for ABAP
Stars: ✭ 111 (+20.65%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (+39.13%)
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+497.83%)
go-mndMagic number detector for Go.
Stars: ✭ 153 (+66.3%)
mllint`mllint` is a command-line utility to evaluate the technical quality of Python Machine Learning (ML) projects by means of static analysis of the project's repository.
Stars: ✭ 67 (-27.17%)
eslintccComplexity of Code - JavaScript/TypeScript
Stars: ✭ 15 (-83.7%)