SemgrepLightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Stars: ✭ 5,668 (+3948.57%)
inline-plzInline your lint messages
Stars: ✭ 32 (-77.14%)
Phpstan DrupalExtension for PHPStan to allow analysis of Drupal code.
Stars: ✭ 97 (-30.71%)
quliceQuality Police for Java projects: aggregator of Checkstyle, PMD, and SpotBugs
Stars: ✭ 286 (+104.29%)
ClangkitClangKit provides an Objective-C frontend to LibClang. Source tokenization, diagnostics and fix-its are actually implemented.
Stars: ✭ 330 (+135.71%)
localhost-sonarqubeAnalysing source code locally with SonarQube in a Docker environment.
Stars: ✭ 17 (-87.86%)
PhpqaDocker image that provides static analysis tools for PHP
Stars: ✭ 853 (+509.29%)
subpyPython subsets
Stars: ✭ 41 (-70.71%)
PmdAn extensible multilanguage static code analyzer.
Stars: ✭ 3,667 (+2519.29%)
LyraNo description or website provided.
Stars: ✭ 23 (-83.57%)
DlintDlint is a tool for encouraging best coding practices and helping ensure we're writing secure Python code.
Stars: ✭ 320 (+128.57%)
luliA static analysis and linter tool for Lua
Stars: ✭ 45 (-67.86%)
binary-auditing-solutionsLearn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.
Stars: ✭ 61 (-56.43%)
HorusecHorusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (+122.14%)
SDASDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Stars: ✭ 98 (-30%)
Jpacman FrameworkPacman-inspired game, for teaching testing purposes.
Stars: ✭ 95 (-32.14%)
sturdySturdy is a library for developing sound static analyses in Haskell.
Stars: ✭ 49 (-65%)
JaadasJoint Advanced Defect assEsment for android applications
Stars: ✭ 304 (+117.14%)
SPDSEfficient and Precise Pointer-Tracking Data-Flow Framework
Stars: ✭ 38 (-72.86%)
Dagdaa tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Stars: ✭ 820 (+485.71%)
lint-checksA set of opinionated and useful lint checks
Stars: ✭ 61 (-56.43%)
Go CallvisVisualize call graph of a Go program using Graphviz
Stars: ✭ 3,692 (+2537.14%)
duplexDuplicate code finder for Elixir
Stars: ✭ 20 (-85.71%)
Argus SafArgus static analysis framework
Stars: ✭ 117 (-16.43%)
go-recipes🦩 Tools for Go projects
Stars: ✭ 2,490 (+1678.57%)
Cargo InspectPssst!... see what Rust is doing behind the curtains 🕵🤫
Stars: ✭ 295 (+110.71%)
RubycriticA Ruby code quality reporter
Stars: ✭ 2,841 (+1929.29%)
Awesome Go LintersA curated list of awesome Go linters. More than 60 linters and tools!
Stars: ✭ 801 (+472.14%)
FordAutomatically generates FORtran Documentation from comments within the code.
Stars: ✭ 245 (+75%)
Clang Power ToolsBringing clang-tidy magic to Visual Studio C++ developers.
Stars: ✭ 285 (+103.57%)
Phpstan PhpunitPHPUnit extensions and rules for PHPStan
Stars: ✭ 247 (+76.43%)
RascalThe implementation of the Rascal meta-programming language (including interpreter, type checker, parser generator, compiler and JVM based run-time system)
Stars: ✭ 284 (+102.86%)
RecafThe modern Java bytecode editor
Stars: ✭ 3,374 (+2310%)
SlitherStatic Analyzer for Solidity
Stars: ✭ 759 (+442.14%)
Inline syscallInline syscalls made easy for windows on clang
Stars: ✭ 232 (+65.71%)
CleancppprojectClean C++ project for you to use. Features: Modern CMake, CPack, Doxygen, PlantUML, Catch Unit testing, static analysis
Stars: ✭ 276 (+97.14%)
Php ParserA PHP parser written in PHP
Stars: ✭ 15,101 (+10686.43%)
Nodejsscannodejsscan is a static security code scanner for Node.js applications.
Stars: ✭ 1,874 (+1238.57%)
Larastan⚗️ Adds code analysis to Laravel improving developer productivity and code quality.
Stars: ✭ 3,554 (+2438.57%)
Dingo HunterStatic analyser for finding Deadlocks in Go
Stars: ✭ 272 (+94.29%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+54.29%)
Protoc Gen LintA plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.
Stars: ✭ 221 (+57.86%)
WotanPluggable TypeScript and JavaScript linter
Stars: ✭ 271 (+93.57%)
FlorentinoFast Static File Analysis Framework
Stars: ✭ 92 (-34.29%)
SeahornSeaHorn Verification Framework
Stars: ✭ 270 (+92.86%)
MutantAutomated code reviews via mutation testing - semantic code coverage.
Stars: ✭ 1,794 (+1181.43%)
CscoutC code refactoring browser
Stars: ✭ 139 (-0.71%)
Php testabilityAnalyses and reports testability issues of a php codebase
Stars: ✭ 136 (-2.86%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-8.57%)
Sast ScanFully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
Stars: ✭ 104 (-25.71%)
Clj KondoA linter for Clojure code that sparks joy.
Stars: ✭ 1,083 (+673.57%)
harosH(igh) A(ssurance) ROS - Static analysis of ROS application code.
Stars: ✭ 168 (+20%)