Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (-61.35%)
Pyre CheckPerformant type-checking for python.
Stars: ✭ 5,716 (+26.38%)
auraPython source code auditing and static analysis on a large scale
Stars: ✭ 101 (-97.77%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (-54.43%)
JediAwesome autocompletion, static analysis and refactoring library for python
Stars: ✭ 5,037 (+11.36%)
phpstan-dbaPHPStan based SQL static analysis and type inference for the database access layer
Stars: ✭ 163 (-96.4%)
gotchaGo Taint CHeck Analyser
Stars: ✭ 40 (-99.12%)
phan-taint-check-pluginGithub mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)
Stars: ✭ 21 (-99.54%)
Reviewdog🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Stars: ✭ 4,541 (+0.4%)
ReekCode smell detector for Ruby
Stars: ✭ 3,693 (-18.35%)
Sonar Php 🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint
Stars: ✭ 288 (-93.63%)
PytypeA static type analyzer for Python code
Stars: ✭ 3,545 (-21.62%)
Clang Tools Extra Mirror kept for legacy. Moved to https://github.com/llvm/llvm-project
Stars: ✭ 358 (-92.08%)
ApplicationinspectorA source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Stars: ✭ 3,873 (-14.37%)
CodecompassCodeCompass is a software comprehension tool for large scale software written in C/C++ and Java
Stars: ✭ 342 (-92.44%)
Freki🐺 Malware analysis platform
Stars: ✭ 285 (-93.7%)
Write You A HaskellBuilding a modern functional compiler from first principles. (http://dev.stephendiehl.com/fun/)
Stars: ✭ 3,064 (-32.26%)
CleancppprojectClean C++ project for you to use. Features: Modern CMake, CPack, Doxygen, PlantUML, Catch Unit testing, static analysis
Stars: ✭ 276 (-93.9%)
Go RuleguardDefine and run pattern-based custom linting rules.
Stars: ✭ 402 (-91.11%)
Go ToolsStaticcheck - The advanced Go linter
Stars: ✭ 4,317 (-4.55%)
Dingo HunterStatic analyser for finding Deadlocks in Go
Stars: ✭ 272 (-93.99%)
WotanPluggable TypeScript and JavaScript linter
Stars: ✭ 271 (-94.01%)
SeahornSeaHorn Verification Framework
Stars: ✭ 270 (-94.03%)
HorusecHorusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (-93.12%)
JaadasJoint Advanced Defect assEsment for android applications
Stars: ✭ 304 (-93.28%)
CredoA static code analysis tool for the Elixir language with a focus on code consistency and teaching.
Stars: ✭ 4,144 (-8.38%)
Go CallvisVisualize call graph of a Go program using Graphviz
Stars: ✭ 3,692 (-18.37%)
DetektStatic code analysis for Kotlin
Stars: ✭ 4,169 (-7.83%)
Cargo InspectPssst!... see what Rust is doing behind the curtains 🕵🤫
Stars: ✭ 295 (-93.48%)
BineeBinee: binary emulation environment
Stars: ✭ 408 (-90.98%)
Clang Power ToolsBringing clang-tidy magic to Visual Studio C++ developers.
Stars: ✭ 285 (-93.7%)
ExakatThe Exakat Engine : smart static analysis for PHP
Stars: ✭ 346 (-92.35%)
RascalThe implementation of the Rascal meta-programming language (including interpreter, type checker, parser generator, compiler and JVM based run-time system)
Stars: ✭ 284 (-93.72%)
EngineDroidefense: Advance Android Malware Analysis Framework
Stars: ✭ 386 (-91.47%)
NullawayA tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Stars: ✭ 3,035 (-32.9%)
Cppcheckstatic analysis of C/C++ code
Stars: ✭ 3,845 (-14.99%)
LinterStatic Analysis Compiler Plugin for Scala
Stars: ✭ 273 (-93.96%)
SaferwallA hackable malware sandbox for the 21st Century
Stars: ✭ 419 (-90.74%)
ChronosChronos - A static race detector for the go language
Stars: ✭ 272 (-93.99%)
SemgrepLightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Stars: ✭ 5,668 (+25.32%)
Tool listsLinks to tools by subject
Stars: ✭ 270 (-94.03%)
EnlightnYour performance & security consultant, an artisan command away.
Stars: ✭ 378 (-91.64%)
ClangkitClangKit provides an Objective-C frontend to LibClang. Source tokenization, diagnostics and fix-its are actually implemented.
Stars: ✭ 330 (-92.7%)
GoreporterA Golang tool that does static analysis, unit testing, code review and generate code quality report.
Stars: ✭ 2,943 (-34.93%)
CfripperLibrary and CLI tool for analysing CloudFormation templates and check them for security compliance.
Stars: ✭ 265 (-94.14%)
PhpdeprecationdetectorAnalyzer of PHP code to search issues with deprecated functionality in newer interpreter versions.
Stars: ✭ 263 (-94.19%)
HuskyciPerforming security tests inside your CI
Stars: ✭ 398 (-91.2%)
Dss📄 Documented Style Sheets Parser
Stars: ✭ 375 (-91.71%)
Booster🚀Optimizer for mobile applications
Stars: ✭ 3,741 (-17.29%)
KraneKubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (-94.38%)
mobsfscanmobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
Stars: ✭ 148 (-96.73%)
PmdAn extensible multilanguage static code analyzer.
Stars: ✭ 3,667 (-18.93%)
type-inferA Clojure utility to inspect static types inferred by the Clojure compiler
Stars: ✭ 16 (-99.65%)
GrypeA vulnerability scanner for container images and filesystems
Stars: ✭ 362 (-92%)