Terraform Security ScanRun a security scan on your terraform with the very nice https://github.com/liamg/tfsec
Stars: ✭ 64 (+18.52%)
averroesJava bytecode generator for sound and precise partial program analysis
Stars: ✭ 19 (-64.81%)
QuliceQuality Police for Java projects
Stars: ✭ 250 (+362.96%)
SobelowSecurity-focused static analysis for the Phoenix Framework
Stars: ✭ 1,103 (+1942.59%)
Debt-ManagerA personal app to store people that owe you money or you owe money to. "Mo Money Mo Problems" 🎵 - The Notorious B.I.G. 😎
Stars: ✭ 22 (-59.26%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+3716.67%)
opemOPEM (Open Source PEM Fuel Cell Simulation Tool)
Stars: ✭ 107 (+98.15%)
CxxctpDEPRECATED. USE INSTEAD github.com/blockspacer/flextool
Stars: ✭ 58 (+7.41%)
bismonpersistent monitor (for static source code analysis, GCC based)
Stars: ✭ 45 (-16.67%)
luacheckA tool for linting and static analysis of Lua code.
Stars: ✭ 139 (+157.41%)
SpoonSpoon is a metaprogramming library to analyze and transform Java source code (up to Java 15). 🥄 is made with ❤️, 🍻 and ✨. It parses source files to build a well-designed AST with powerful analysis and transformation API.
Stars: ✭ 1,078 (+1896.3%)
phpstan-symfony*DEPRECATED* Symfony extension for PHPStan
Stars: ✭ 42 (-22.22%)
JpeekJava Code Static Metrics (Cohesion, Coupling, etc.)
Stars: ✭ 168 (+211.11%)
LibPeckeran obfuscation-resilient, highly precise and reliable library detector for Android applications
Stars: ✭ 38 (-29.63%)
CognicryptCogniCrypt is an Eclipse plugin that supports Java developers in using Java Cryptographic APIs.
Stars: ✭ 50 (-7.41%)
SqlServer.RulesSQL Server static code analysis rules for SSDT database projects
Stars: ✭ 20 (-62.96%)
Pepper An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (+362.96%)
ApisanAPISan: Sanitizing API Usages through Semantic Cross-Checking
Stars: ✭ 46 (-14.81%)
OpenStaticAnalyzerOpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.
Stars: ✭ 19 (-64.81%)
vim-mypyVim plugin for executing Python's optional static type checker MyPy (http://mypy-lang.org/)
Stars: ✭ 89 (+64.81%)
Php Language ServerPHP Implementation of the VS Code Language Server Protocol 🆚↔🖥
Stars: ✭ 1,019 (+1787.04%)
sonarqube-actionIntegrate SonarQube scanner to GitHub Actions
Stars: ✭ 90 (+66.67%)
gospalGo static program analyser
Stars: ✭ 56 (+3.7%)
IDA WrapperAn IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.
Stars: ✭ 14 (-74.07%)
ClairVulnerability Static Analysis for Containers
Stars: ✭ 8,356 (+15374.07%)
phan-taint-check-pluginGithub mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)
Stars: ✭ 21 (-61.11%)
PhpmdPHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
Stars: ✭ 1,992 (+3588.89%)
Static-Malware-AnalysesA open source Python script to perform static analysis on a Malware Binary File (portable executable).
Stars: ✭ 15 (-72.22%)
cfsecStatic analysis for CloudFormation templates to identify common misconfiguration
Stars: ✭ 53 (-1.85%)
Mobileapp Pentest CheatsheetThe Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Stars: ✭ 3,051 (+5550%)
nakedretnakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
Stars: ✭ 82 (+51.85%)
Befa LibraryHigh-level library for executable binary file analysis
Stars: ✭ 12 (-77.78%)
PaperMacheteA project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.
Stars: ✭ 49 (-9.26%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+4912.96%)
identypoidentypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).
Stars: ✭ 26 (-51.85%)
PhpqaDocker image that provides static analysis tools for PHP
Stars: ✭ 853 (+1479.63%)
woocommerce-stubsWooCommerce function and class declaration stubs for static analysis.
Stars: ✭ 49 (-9.26%)
swap-detectorA library for detecting swapped arguments in function calls, and a Clang Static Analyzer plugin used to demonstrate the library.
Stars: ✭ 19 (-64.81%)
Cpp2ILWork-in-progress tool to reverse unity's IL2CPP toolchain.
Stars: ✭ 689 (+1175.93%)
NgastParser for Angular projects.
Stars: ✭ 152 (+181.48%)
constybleCSS complexity linter
Stars: ✭ 92 (+70.37%)
Dagdaa tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Stars: ✭ 820 (+1418.52%)
tiroTIRO - A hybrid iterative deobfuscation framework for Android applications
Stars: ✭ 20 (-62.96%)
Dg[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (+348.15%)
Awesome Go LintersA curated list of awesome Go linters. More than 60 linters and tools!
Stars: ✭ 801 (+1383.33%)
ramllintRAML Linter
Stars: ✭ 18 (-66.67%)
dmn-checkA tool which performs static analyses on Decision Model Notation (DMN) files to detect bugs
Stars: ✭ 34 (-37.04%)
cmake-initThe missing CMake project initializer
Stars: ✭ 1,071 (+1883.33%)
subpyPython subsets
Stars: ✭ 41 (-24.07%)
lint-checksA set of opinionated and useful lint checks
Stars: ✭ 61 (+12.96%)
SpotbugsSpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Stars: ✭ 2,569 (+4657.41%)
Sast ScanFully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
Stars: ✭ 104 (+92.59%)
DlintDlint is a tool for encouraging best coding practices and helping ensure we're writing secure Python code.
Stars: ✭ 320 (+492.59%)