Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (+417.5%)
save-cloudCluster-based cloud mechanism for running SAVE framework
Stars: ✭ 30 (-25%)
DevreplayA linter that replay your developing style
Stars: ✭ 39 (-2.5%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+25430%)
LyraNo description or website provided.
Stars: ✭ 23 (-42.5%)
Anchore EngineA service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
Stars: ✭ 1,192 (+2880%)
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (+35%)
SyftCLI tool and library for generating a Software Bill of Materials from container images and filesystems
Stars: ✭ 196 (+390%)
SobelowSecurity-focused static analysis for the Phoenix Framework
Stars: ✭ 1,103 (+2657.5%)
dmn-checkA tool which performs static analyses on Decision Model Notation (DMN) files to detect bugs
Stars: ✭ 34 (-15%)
BellybuttonCustom Python linting through AST expressions
Stars: ✭ 196 (+390%)
CxxctpDEPRECATED. USE INSTEAD github.com/blockspacer/flextool
Stars: ✭ 58 (+45%)
gospalGo static program analyser
Stars: ✭ 56 (+40%)
SpoonSpoon is a metaprogramming library to analyze and transform Java source code (up to Java 15). 🥄 is made with ❤️, 🍻 and ✨. It parses source files to build a well-designed AST with powerful analysis and transformation API.
Stars: ✭ 1,078 (+2595%)
CognicryptCogniCrypt is an Eclipse plugin that supports Java developers in using Java Cryptographic APIs.
Stars: ✭ 50 (+25%)
nestifDetect deeply nested if statements in Go source code
Stars: ✭ 30 (-25%)
ApisanAPISan: Sanitizing API Usages through Semantic Cross-Checking
Stars: ✭ 46 (+15%)
Php Language ServerPHP Implementation of the VS Code Language Server Protocol 🆚↔🖥
Stars: ✭ 1,019 (+2447.5%)
luliA static analysis and linter tool for Lua
Stars: ✭ 45 (+12.5%)
ClairVulnerability Static Analysis for Containers
Stars: ✭ 8,356 (+20790%)
DiktatStrict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs
Stars: ✭ 196 (+390%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+8830%)
Woke✊ Detect non-inclusive language in your source code.
Stars: ✭ 190 (+375%)
bismonpersistent monitor (for static source code analysis, GCC based)
Stars: ✭ 45 (+12.5%)
Walkmod Corewalkmod: an open source tool to fix coding style issues
Stars: ✭ 153 (+282.5%)
CkCode metrics for Java code by means of static analysis
Stars: ✭ 187 (+367.5%)
binary-auditing-solutionsLearn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.
Stars: ✭ 61 (+52.5%)
eclipse-pmdeclipse-pmd has been moved to
Stars: ✭ 20 (-50%)
SonartsStatic code analyzer for TypeScript
Stars: ✭ 776 (+1840%)
Phpcs Security Auditphpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
Stars: ✭ 525 (+1212.5%)
SDASDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Stars: ✭ 98 (+145%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+367.5%)
Tslint🚦 An extensible linter for the TypeScript language
Stars: ✭ 5,922 (+14705%)
Rubocop RailsA RuboCop extension focused on enforcing Rails best practices and coding conventions.
Stars: ✭ 433 (+982.5%)
phpstan.elInterface to PHPStan (PHP static analyzer)
Stars: ✭ 22 (-45%)
TajsType Analyzer for JavaScript
Stars: ✭ 150 (+275%)
Detect It EasyProgram for determining types of files for Windows, Linux and MacOS.
Stars: ✭ 2,982 (+7355%)
HabomalhunterHaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
Stars: ✭ 627 (+1467.5%)
SouffleSoufflé is a variant of Datalog for tool designers crafting analyses in Horn clauses. Soufflé synthesizes a native parallel C++ program from a logic specification.
Stars: ✭ 426 (+965%)
iec-checkerStatic analysis of IEC 61131-3 programs
Stars: ✭ 36 (-10%)
BodycloseAnalyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.
Stars: ✭ 181 (+352.5%)
SyntFind similar functions and classes in your JavaScript/TypeScript code
Stars: ✭ 178 (+345%)
dynTaintTracera taint tracer based on DynamoRIO, currently ARM only
Stars: ✭ 32 (-20%)
Securify[DEPRECATED] Security Scanner for Ethereum Smart Contracts
Stars: ✭ 177 (+342.5%)
WpbulletA static code analysis for WordPress (and PHP)
Stars: ✭ 148 (+270%)
Rubysonaran advanced semantic indexer for Ruby
Stars: ✭ 175 (+337.5%)
twlyWanna get DRY? Static analysis tool for detecting repeat code.
Stars: ✭ 42 (+5%)
vandalStatic program analysis framework for Ethereum smart contract bytecode.
Stars: ✭ 121 (+202.5%)
eslintccComplexity of Code - JavaScript/TypeScript
Stars: ✭ 15 (-62.5%)
libdft64libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
Stars: ✭ 174 (+335%)