1863 Open source projects that are alternatives of or similar to Njsscan

Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

nodejsscan is a static security code scanner for Node.js applications.

SonarQube Java Properties Analyzer

SonarQube Cucumber Gherkin Analyzer

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Identify hardcoded secrets and dangerous behaviours

The Exakat Engine : smart static analysis for PHP

Static code analysis for CFML (a linter)

All-in-one tool for managing vulnerability reports from AppSec pipelines

✊ Detect non-inclusive language in your source code.

SonarQube CSS / SCSS / Less Analyzer

Swiss-army knife for D source code

`mllint` is a command-line utility to evaluate the technical quality of Python Machine Learning (ML) projects by means of static analysis of the project's repository.

A pair programming partner for writing better PHP. Pahout means PHP mahout 🐘

A plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

Static code analysis for Kotlin

REDbot is lint for HTTP.

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Command line tool to validate configuration files

Next-gen phpDoc parser with support for intersection types and generics

ShellCheck, a static analysis tool for shell scripts

Dockerfile linter, validate inline bash, written in Haskell

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

🚦 An extensible linter for the TypeScript language

A pluggable and configurable linter tool for identifying and reporting on patterns of misuse or deprecations in Gradle scripts.

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html

A GitHub app to automatically review Python code style over Pull Requests

SonarJS rules for ESLint

kube-scan: Octarine k8s cluster risk assessment tool

a javascript static security analysis tool

Code style checking for RSpec files

A community-driven list of awesome linters.

Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.

SonarSource Static Analyzer for JavaScript and TypeScript

Awesome PHP Security Resources 🕶🐘🔐

A static analysis security vulnerability scanner for Ruby on Rails applications

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Awesome Python Security resources 🕶🐍🔐

A curated list of awesome Go linters. More than 60 linters and tools!

Static code analyzer for TypeScript

Linting tool for CloudFormation templates

Security scanner coordinator

🐛 A tool that can speed up linting of php files by running several lint processes at once.

☕️ SonarSource Static Analyzer for Java Code Quality and Security

🐳 📡 Docker way of running SonarQube + any DB

GitHub Action for running ansible-lint as part of your workflows! [ https://github.com/marketplace/actions/ansible-lint ]

The official GitHub mirror of https://gitlab.com/pycqa/flake8

A linter for Clojure code that sparks joy.

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

An application to assist in the organization and prioritization of software security activities.

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy

Linter plugin using alex to catch insensitive, inconsiderate writing

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

cfmt is a tool to wrap Go comments over a certain length to a new line.

A mighty, modern linter that helps you avoid errors and enforce conventions in your styles.