589 Open source projects that are alternatives of or similar to phan-taint-check-plugin

CPU-guided performance analyzer for Go

A reviewed list of useful PHP static analysis tools

A Go implementation of dirsearch.

LibScout: Third-party library detector for Java/Android apps

ESLint plugin for Scoped CSS in Vue.js

Awesome Java Security Resources 🕶☕🔐

proxy poc implementation of STARTTLS stripping attacks

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

🏥 PHPDoctor: Check files, full directories or strings for missing or bad PHPDoc types.

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs

Visual Studio Code extension integrating Tenkawa PHP language server.

✊ Detect non-inclusive language in your source code.

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

Code metrics for Java code by means of static analysis

A Github Repository Created to compliment a BSides Canberra 2018 talk on SharePoint Security.

Analyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.

Custom memory allocator that helps discover reads from uninitialized memory

[DEPRECATED] Security Scanner for Ethereum Smart Contracts

Interface to PHPStan (PHP static analyzer)

A tool for auditing security properties of GCP projects.

A static analyzer for Java, C, C++, and Objective-C

A tool which performs static analyses on Decision Model Notation (DMN) files to detect bugs

This repo aims at providing practical examples on how to use r2frida

Wordpress Vulnerability Scanner

PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.

Work-in-progress tool to reverse unity's IL2CPP toolchain.

Static code analysis for CFML (a linter)

A repository of tools for pentesting of restricted and isolated environments.

Manage localization with static analysis. 🔍

Docker auditing and enumeration script.

The leading static analyzer for Perl. Configurable, extensible, powerful.

Automated NoSQL database enumeration and web application exploitation tool.

Magic number detector for Go.

Static Analyzer for LLVM bitcode based on Abstract Interpretation

This Repository contains the stuff related to windows Active directory environment exploitation

A Psalm plugin for Laravel

persistent monitor (for static source code analysis, GCC based)

Automated code reviews via mutation testing - semantic code coverage.

Set of tools to audit SIP based VoIP Systems

C code refactoring browser

Java bytecode analyzer customizable via JSON rules

Manage translation and localization with static analysis, for Ruby i18n

Audit Windows Security with best Practice

Analyses and reports testability issues of a php codebase

Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command

An Android base app with loads of cool libraries/configuration NOT MAINTAINED

Kubernetes Common Configuration Scoring System

Toolkit for enriching and speeding up static malware analysis

Infer mvn deps from sources

Web-based Source Code Vulnerability Scanner

Automated static analysis & linting bot for Mozilla repositories

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

A library to read static analysis reports into a Java object model

A open source Python script to perform static analysis on a Malware Binary File (portable executable).

nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.

Шаблон кросплатформенного CMake-проекта для языка C++ 🇬🇧 Modern CMake crossplatform project template for C++

Cybersecurity Evaluation Tool