Sast ScanFully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
Stars: ✭ 104 (-40.57%)
SlitherStatic Analyzer for Solidity
Stars: ✭ 759 (+333.71%)
bridgecrew-actionThis Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.
Stars: ✭ 52 (-70.29%)
Sonar Java☕️ SonarSource Static Analyzer for Java Code Quality and Security
Stars: ✭ 745 (+325.71%)
monadic-cfaGeneric implementation of different CFA families based on monadic decomposition
Stars: ✭ 16 (-90.86%)
infrared✨🚀 Blazing fast, inferred static type checker for JavaScript.
Stars: ✭ 46 (-73.71%)
PdependPHP_Depend is an adaptation of the established Java development tool JDepend. This tool shows you the quality of your design in terms of extensibility, reusability and maintainability.
Stars: ✭ 727 (+315.43%)
illuaminateVery WIP static analysis for Lua
Stars: ✭ 21 (-88%)
PanopticonA libre cross-platform disassembler.
Stars: ✭ 1,376 (+686.29%)
ethereum-dasmAn ethereum evm bytecode disassembler and static/dynamic analysis tool
Stars: ✭ 121 (-30.86%)
CheckstyleCheckstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Stars: ✭ 6,481 (+3603.43%)
jayhornStatic checker for Java
Stars: ✭ 54 (-69.14%)
Dependency CruiserValidate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.
Stars: ✭ 2,326 (+1229.14%)
static file analysisAnalysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
Stars: ✭ 34 (-80.57%)
Modern Cpp TemplateA template for modern C++ projects using CMake, Clang-Format, CI, unit testing and more, with support for downstream inclusion.
Stars: ✭ 690 (+294.29%)
pyc2bytecodeA Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (-60%)
facoyFaCoY Code-to-Code Search Engine
Stars: ✭ 26 (-85.14%)
SonarqubeContinuous Inspection
Stars: ✭ 6,365 (+3537.14%)
Debt-ManagerA personal app to store people that owe you money or you owe money to. "Mo Money Mo Problems" 🎵 - The Notorious B.I.G. 😎
Stars: ✭ 22 (-87.43%)
Perl CriticThe leading static analyzer for Perl. Configurable, extensible, powerful.
Stars: ✭ 149 (-14.86%)
opemOPEM (Open Source PEM Fuel Cell Simulation Tool)
Stars: ✭ 107 (-38.86%)
HabomalhunterHaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
Stars: ✭ 627 (+258.29%)
Phpstan DrupalExtension for PHPStan to allow analysis of Drupal code.
Stars: ✭ 97 (-44.57%)
lancerTurn your python code into a hideous mess. Ever heard of Black? This is the opposite.
Stars: ✭ 179 (+2.29%)
R2fridaRadare2 and Frida better together.
Stars: ✭ 610 (+248.57%)
BEFA-LibraryHigh-level library for executable binary file analysis
Stars: ✭ 14 (-92%)
TypestatConverts JavaScript to TypeScript and TypeScript to better TypeScript.
Stars: ✭ 136 (-22.29%)
JAWJAW: A Graph-based Security Analysis Framework for JavaScript and Client-side CSRF
Stars: ✭ 26 (-85.14%)
alpine-shellcheckDocker image for Alpine Linux with latest ShellCheck, a static analysis tool for shell scripts.
Stars: ✭ 12 (-93.14%)
Jpacman FrameworkPacman-inspired game, for teaching testing purposes.
Stars: ✭ 95 (-45.71%)
clamStatic Analyzer for LLVM bitcode based on Abstract Interpretation
Stars: ✭ 180 (+2.86%)
Pyre CheckPerformant type-checking for python.
Stars: ✭ 5,716 (+3166.29%)
Phpstan Deprecation RulesPHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.
Stars: ✭ 160 (-8.57%)
OpenStaticAnalyzerOpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.
Stars: ✭ 19 (-89.14%)
PhanPhan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Stars: ✭ 5,194 (+2868%)
vim-mypyVim plugin for executing Python's optional static type checker MyPy (http://mypy-lang.org/)
Stars: ✭ 89 (-49.14%)
Phpdoc ParserNext-gen phpDoc parser with support for intersection types and generics
Stars: ✭ 569 (+225.14%)
BapBinary Analysis Platform
Stars: ✭ 1,385 (+691.43%)
qodana-action⚙️ Scan your Java, Kotlin, PHP, Python, JavaScript, TypeScript projects at GitHub with Qodana
Stars: ✭ 112 (-36%)
nccNeural Code Comprehension: A Learnable Representation of Code Semantics
Stars: ✭ 162 (-7.43%)
CodequeryA code-understanding, code-browsing or code-search tool. This is a tool to index, then query or search C, C++, Java, Python, Ruby, Go and Javascript source code. It builds upon the databases of cscope and ctags, and provides a nice GUI tool.
Stars: ✭ 551 (+214.86%)
FlorentinoFast Static File Analysis Framework
Stars: ✭ 92 (-47.43%)
automutateApplies waves of mutations provided by other tools, such as linters or codemods.
Stars: ✭ 13 (-92.57%)
ShellcheckShellCheck, a static analysis tool for shell scripts
Stars: ✭ 27,211 (+15449.14%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+1077.71%)