398 Open source projects that are alternatives of or similar to SPDS

Static analysis framework for .NET programs.

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

✊ Detect non-inclusive language in your source code.

an advanced semantic indexer for Ruby

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint

Program for determining types of files for Windows, Linux and MacOS.

An open source script to perform malware static analysis on Portable Executable

A reviewed list of useful PHP static analysis tools

Java Code Static Metrics (Cohesion, Coupling, etc.)

PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

Detect uses of legacy Java APIs

Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs

Quality Police for Java projects

Code metrics for Java code by means of static analysis

A set of utilities for checking Go sources. This repository has migrated to https://gitlab.com/opennota/check

Find similar functions and classes in your JavaScript/TypeScript code

Automated static analysis & linting bot for Mozilla repositories

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

A plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.

Moved to Polymer/tools monorepo

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

LibScout: Third-party library detector for Java/Android apps

Scanning APK file for URIs, endpoints & secrets.

Parser for Angular projects.

Intellisense for PHP

The modern Java bytecode editor

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

A Ruby code quality reporter

Custom Python linting through AST expressions

Inline syscalls made easy for windows on clang

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

Duplicate code finder for Elixir

Code Climate CLI

A PHP parser written in PHP

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Automatically generates FORtran Documentation from comments within the code.

Analyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.

The CodeQL extractor and libraries for Go.

[DEPRECATED] Security Scanner for Ethereum Smart Contracts

A set of opinionated and useful lint checks

Datalog compiler in Rust as a procedural macro

Swiss-army knife for D source code

A static analyzer for Java, C, C++, and Objective-C

PHPUnit extensions and rules for PHPStan

This repo aims at providing practical examples on how to use r2frida

Security scanner for your Terraform code

PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.

🦩 Tools for Go projects

Static code analysis for CFML (a linter)

Bolt is a language with in-built data-race freedom!

Manage localization with static analysis. 🔍

Jenkins Warnings Plugin - Next Generation

The leading static analyzer for Perl. Configurable, extensible, powerful.

Policeman's Forbidden API Checker

Extensions for PHPStan

A Speculation-Aware Collaborative Dependence Analysis Framework

A linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).

[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.