Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+1148.57%)
ApisanAPISan: Sanitizing API Usages through Semantic Cross-Checking
Stars: ✭ 46 (-67.14%)
PanopticonA libre cross-platform disassembler.
Stars: ✭ 1,376 (+882.86%)
Php Language ServerPHP Implementation of the VS Code Language Server Protocol 🆚↔🖥
Stars: ✭ 1,019 (+627.86%)
TypestatConverts JavaScript to TypeScript and TypeScript to better TypeScript.
Stars: ✭ 136 (-2.86%)
ClairVulnerability Static Analysis for Containers
Stars: ✭ 8,356 (+5868.57%)
ZpaA parser and source code analyzer for PL/SQL and Oracle SQL.
Stars: ✭ 124 (-11.43%)
Befa LibraryHigh-level library for executable binary file analysis
Stars: ✭ 12 (-91.43%)
Phpstan DrupalExtension for PHPStan to allow analysis of Drupal code.
Stars: ✭ 97 (-30.71%)
PhpqaDocker image that provides static analysis tools for PHP
Stars: ✭ 853 (+509.29%)
Jpacman FrameworkPacman-inspired game, for teaching testing purposes.
Stars: ✭ 95 (-32.14%)
Dagdaa tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Stars: ✭ 820 (+485.71%)
Argus SafArgus static analysis framework
Stars: ✭ 117 (-16.43%)
Awesome Go LintersA curated list of awesome Go linters. More than 60 linters and tools!
Stars: ✭ 801 (+472.14%)
SlitherStatic Analyzer for Solidity
Stars: ✭ 759 (+442.14%)
Nodejsscannodejsscan is a static security code scanner for Node.js applications.
Stars: ✭ 1,874 (+1238.57%)
FlorentinoFast Static File Analysis Framework
Stars: ✭ 92 (-34.29%)
Tslint🚦 An extensible linter for the TypeScript language
Stars: ✭ 5,922 (+4130%)
Php Cs FixerA tool to automatically fix PHP Coding Standards issues
Stars: ✭ 10,709 (+7549.29%)
SonarjsSonarSource Static Analyzer for JavaScript and TypeScript
Stars: ✭ 696 (+397.14%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-43.57%)
Error ProneCatch common Java mistakes as compile-time errors
Stars: ✭ 5,799 (+4042.14%)
PhpinspectionseaA Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Stars: ✭ 1,211 (+765%)
AndromedaAndromeda - Interactive Reverse Engineering Tool for Android Applications
Stars: ✭ 627 (+347.86%)
FelixThe Felix Programming Language
Stars: ✭ 609 (+335%)
Rubocop RspecCode style checking for RSpec files
Stars: ✭ 603 (+330.71%)
RstcheckChecks syntax of reStructuredText and code blocks nested within it
Stars: ✭ 130 (-7.14%)
CrosshairAn analysis tool for Python that blurs the line between testing and type systems.
Stars: ✭ 586 (+318.57%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+7194.29%)
HadolintDockerfile linter, validate inline bash, written in Haskell
Stars: ✭ 6,284 (+4388.57%)
Jsprimea javascript static security analysis tool
Stars: ✭ 556 (+297.14%)
Anchore EngineA service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
Stars: ✭ 1,192 (+751.43%)
ShellcheckShellCheck, a static analysis tool for shell scripts
Stars: ✭ 27,211 (+19336.43%)
Dependency CruiserValidate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.
Stars: ✭ 2,326 (+1561.43%)
Lazy importerlibrary for importing functions from dlls in a hidden, reverse engineer unfriendly way
Stars: ✭ 544 (+288.57%)
Sonar Swiftsonar-swift.SonarQube iOS Plugin, Support Objective-C And Swift, Support Infer (SonarQube iOS 代码扫描插件,支持 Objective-C 和 Swift ,支持 Infer 结果导入 ) base on https://github.com/Idean/sonar-swift
Stars: ✭ 70 (-50%)
JediAwesome autocompletion, static analysis and refactoring library for python
Stars: ✭ 5,037 (+3497.86%)
Analyzer🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-22.86%)
Terraform Security ScanRun a security scan on your terraform with the very nice https://github.com/liamg/tfsec
Stars: ✭ 64 (-54.29%)
PhpatPHP Architecture Tester - Easy to use architectural testing tool for PHP ✔️
Stars: ✭ 489 (+249.29%)
Ruby Type InferenceDynamic definitions and types provider for ruby static analysis
Stars: ✭ 129 (-7.86%)
SobelowSecurity-focused static analysis for the Phoenix Framework
Stars: ✭ 1,103 (+687.86%)
MutantAutomated code reviews via mutation testing - semantic code coverage.
Stars: ✭ 1,794 (+1181.43%)
CscoutC code refactoring browser
Stars: ✭ 139 (-0.71%)
Php testabilityAnalyses and reports testability issues of a php codebase
Stars: ✭ 136 (-2.86%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-8.57%)
Sast ScanFully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
Stars: ✭ 104 (-25.71%)
Clj KondoA linter for Clojure code that sparks joy.
Stars: ✭ 1,083 (+673.57%)