analysis-net - Static analysis framework for .NET programs.
Stars: ✭ 19 (-50%)
Insider - Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on an agile and easy to implement software inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and JavaScript (Node.js).
Stars: ✭ 216 (+468.42%)
Woke - ✊ Detect non-inclusive language in your source code.
Stars: ✭ 190 (+400%)
Rubysonar - an advanced semantic indexer for Ruby
Stars: ✭ 175 (+360.53%)
Syft - CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Stars: ✭ 196 (+415.79%)
Revive - 🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Stars: ✭ 3,139 (+8160.53%)
Detect It Easy - Program for determining types of files for Windows, Linux and MacOS.
Stars: ✭ 2,982 (+7747.37%)
Pepper - An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (+557.89%)
Jpeek - Java Code Static Metrics (Cohesion, Coupling, etc.)
Stars: ✭ 168 (+342.11%)
Phpmd - PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well-known Java tool PMD. PHPMD can be seen as a user-friendly frontend application for the raw metrics stream measured by PHP Depend.
Stars: ✭ 1,992 (+5142.11%)
Vulny Code Static Analysis - Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (+444.74%)
Diktat - Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs
Stars: ✭ 196 (+415.79%)
Qulice - Quality Police for Java projects
Stars: ✭ 250 (+557.89%)
Ck - Code metrics for Java code by means of static analysis
Stars: ✭ 187 (+392.11%)
Check - A set of utilities for checking Go sources. This repository has migrated to https://gitlab.com/opennota/check
Stars: ✭ 225 (+492.11%)
Synt - Find similar functions and classes in your JavaScript/TypeScript code
Stars: ✭ 178 (+368.42%)
code-review - Automated static analysis & linting bot for Mozilla repositories
Stars: ✭ 51 (+34.21%)
Pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+5323.68%)
Protoc Gen Lint - A plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.
Stars: ✭ 221 (+481.58%)
Mobileapp Pentest Cheatsheet - The Mobile App Pentest cheat sheet was created to provide a concise collection of high-value information on specific mobile application penetration testing topics.
Stars: ✭ 3,051 (+7928.95%)
Libscout - LibScout: Third-party library detector for Java/Android apps
Stars: ✭ 217 (+471.05%)
Apkleaks - Scanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+7023.68%)
Ngast - Parser for Angular projects.
Stars: ✭ 152 (+300%)
Recaf - The modern Java bytecode editor
Stars: ✭ 3,374 (+8778.95%)
Spotbugs - SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Stars: ✭ 2,569 (+6660.53%)
Rubycritic - A Ruby code quality reporter
Stars: ✭ 2,841 (+7376.32%)
Bellybutton - Custom Python linting through AST expressions
Stars: ✭ 196 (+415.79%)
Inline syscall - Inline syscalls made easy for Windows on clang
Stars: ✭ 232 (+510.53%)
Checkov - Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+9300%)
duplex - Duplicate code finder for Elixir
Stars: ✭ 20 (-47.37%)
Php Parser - A PHP parser written in PHP
Stars: ✭ 15,101 (+39639.47%)
Sbt Dependency Check - SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+392.11%)
Ford - Automatically generates FORtran Documentation from comments within the code.
Stars: ✭ 245 (+544.74%)
Bodyclose - Analyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.
Stars: ✭ 181 (+376.32%)
Codeql Go - The CodeQL extractor and libraries for Go.
Stars: ✭ 224 (+489.47%)
Securify - [DEPRECATED] Security Scanner for Ethereum Smart Contracts
Stars: ✭ 177 (+365.79%)
lint-checks - A set of opinionated and useful lint checks
Stars: ✭ 61 (+60.53%)
Crepe - Datalog compiler in Rust as a procedural macro
Stars: ✭ 175 (+360.53%)
D Scanner - Swiss-army knife for D source code
Stars: ✭ 221 (+481.58%)
Infer - A static analyzer for Java, C, C++, and Objective-C
Stars: ✭ 12,823 (+33644.74%)
Phpstan Phpunit - PHPUnit extensions and rules for PHPStan
Stars: ✭ 247 (+550%)
R2frida Wiki - This repo aims at providing practical examples on how to use r2frida
Stars: ✭ 168 (+342.11%)
Tfsec - Security scanner for your Terraform code
Stars: ✭ 3,622 (+9431.58%)
Phpstan Deprecation Rules - PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.
Stars: ✭ 160 (+321.05%)
go-recipes - 🦩 Tools for Go projects
Stars: ✭ 2,490 (+6452.63%)
Cflint - Static code analysis for CFML (a linter)
Stars: ✭ 156 (+310.53%)
Bolt - Bolt is a language with in-built data-race freedom!
Stars: ✭ 215 (+465.79%)
I18n Extract - Manage localization with static analysis. 🔍
Stars: ✭ 152 (+300%)
Perl Critic - The leading static analyzer for Perl. Configurable, extensible, powerful.
Stars: ✭ 149 (+292.11%)
Forbidden Apis - Policeman's Forbidden API Checker
Stars: ✭ 216 (+468.42%)
SCAF - A Speculation-Aware Collaborative Dependence Analysis Framework
Stars: ✭ 25 (-34.21%)
tryceratops - A linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).
Stars: ✭ 381 (+902.63%)
Dg - [LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (+536.84%)