406 Open source projects that are alternatives of or similar to Php Static Analysis Tools

Soot - A Java optimization framework

Validate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.

A static analyzer for Java, C, C++, and Objective-C

TypeScript Compiler API wrapper for static analysis and programmatic code changes.

Dynamic definitions and types provider for ruby static analysis

[DEPRECATED] Security Scanner for Ethereum Smart Contracts

Semgrep rules registry

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

nodejsscan is a static security code scanner for Node.js applications.

PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.

Parser for Angular projects.

A parser and source code analyzer for PL/SQL and Oracle SQL.

Analyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.

Gradle plugin for PIT Mutation Testing

Custom Python linting through AST expressions

GCC plugin that embeds CPython inside the compiler

Datalog compiler in Rust as a procedural macro

A curated list of mathematics documents ,Concepts, Study Materials , Algorithms and Codes available across the internet for machine learning and deep learning

Intellisense for PHP

Converts JavaScript to TypeScript and TypeScript to better TypeScript.

This repo aims at providing practical examples on how to use r2frida

Checks syntax of reStructuredText and code blocks nested within it

Code Climate CLI

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.

Manage localization with static analysis. 🔍

A list of computer-science readings I recommend

Program for determining types of files for Windows, Linux and MacOS.

The leading static analyzer for Perl. Configurable, extensible, powerful.

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code

Find similar functions and classes in your JavaScript/TypeScript code

Static Analyzer for LLVM bitcode based on Abstract Interpretation

Awesome Java Security Resources 🕶☕🔐

A Psalm plugin for Laravel

an advanced semantic indexer for Ruby

Automated code reviews via mutation testing - semantic code coverage.

Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs

C code refactoring browser

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

Manage translation and localization with static analysis, for Ruby i18n

LibScout: Third-party library detector for Java/Android apps

Analyses and reports testability issues of a php codebase

Java Code Static Metrics (Cohesion, Coupling, etc.)

An Android base app with loads of cool libraries/configuration NOT MAINTAINED

✊ Detect non-inclusive language in your source code.

Toolkit for enriching and speeding up static malware analysis

Moved to Polymer/tools monorepo

Release snapshots of the Frama-C platform for source code analysis

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Setup scripts for my Malware Analysis VMs

Code metrics for Java code by means of static analysis

Static code analysis for CFML (a linter)

Bolt is a language with in-built data-race freedom!

Policeman's Forbidden API Checker

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Scanning APK file for URIs, endpoints & secrets.