589 Open source projects that are alternatives of or similar to phan-taint-check-plugin

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Python source code auditing and static analysis on a large scale

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.

Making CoreOS' Clair easily work in CI/CD pipelines

A static analysis security vulnerability scanner for Ruby on Rails applications

Performant type-checking for python.

A static analysis tool for finding errors in PHP applications

Go Taint CHeck Analyser

🐞 Primitive Erlang Security Tool

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Style-preserving Lua parser in Rust

Wanna get DRY? Static analysis tool for detecting repeat code.

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

PhpCodeAnalyzer scans codebase and analyzes which non-built-in php extensions used

The tool converts different error reporting standards for deep compatibility with popular CI systems (TeamCity, IntelliJ IDEA, GitHub Actions, etc).

H(igh) A(ssurance) ROS - Static analysis of ROS application code.

PHPStan based SQL static analysis and type inference for the database access layer

unimport is a Go static analysis tool to find unnecessary import aliases.

A humble, and fast, security-oriented HTTP headers analyzer

libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)

An R package for static analysis of R code.

Static analysis for CloudFormation templates to identify common misconfiguration

A community collection of security reviews of open source software components.

CSS complexity linter

SonarLint integration for Apache Netbeans

RFMap - Radio Frequency Mapper

WooCommerce function and class declaration stubs for static analysis.

Universal test framework for cli tools [mainly for code analyzers and compilers]

A curated list of security resources for a Ruby on Rails application

FAROS: Illuminating In-Memory Injection Attacks via Provenance-based Whole System Dynamic Information Flow Tracking

Configurable XML Doc warnings for ReSharper

ESLint plugin for Scoped CSS in Vue.js

Visual Studio Code extension integrating Tenkawa PHP language server.

Interface to PHPStan (PHP static analyzer)

Work-in-progress tool to reverse unity's IL2CPP toolchain.

Magic number detector for Go.

Java bytecode analyzer customizable via JSON rules

Infer mvn deps from sources

Interchange format for results for static analysis tools

PHPStan extension for webmozart/assert

SEC分布式资产扫描系统

OCCAM: Object Culling and Concretization for Assurance Maximization

Quickly find modifications in Magento 1 or Magento 2 core code

A project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.

A free and open-source SonarQube plugin for static code analysis of Scala projects.

The radare2 + frida book for Mobile Application assessment

A graph-based static-dynamic hybrid DEX code analysis tool

`mllint` is a command-line utility to evaluate the technical quality of Python Machine Learning (ML) projects by means of static analysis of the project's repository.

TIRO - A hybrid iterative deobfuscation framework for Android applications

Defund the Police.

CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.

EBA is a static bug finder for C.

Haxe Checkstyle extension for Visual Studio Code

Provides various Windows Server Active Directory (AD) security-focused reports.

Nette Framework class reflection extension for PHPStan & framework-specific rules

Automatic test case generation for python and static analysis library

A set of curated exercises to help you prepare for the CKS exam

PHP Static Analysis in Github Actions.

A Golang tool that does static analysis, unit testing, code review and generate code quality report.