Terraform Security ScanRun a security scan on your terraform with the very nice https://github.com/liamg/tfsec
Stars: ✭ 64 (+56.1%)
averroesJava bytecode generator for sound and precise partial program analysis
Stars: ✭ 19 (-53.66%)
QuliceQuality Police for Java projects
Stars: ✭ 250 (+509.76%)
SobelowSecurity-focused static analysis for the Phoenix Framework
Stars: ✭ 1,103 (+2590.24%)
Debt-ManagerA personal app to store people that owe you money or you owe money to. "Mo Money Mo Problems" 🎵 - The Notorious B.I.G. 😎
Stars: ✭ 22 (-46.34%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+4926.83%)
opemOPEM (Open Source PEM Fuel Cell Simulation Tool)
Stars: ✭ 107 (+160.98%)
CxxctpDEPRECATED. USE INSTEAD github.com/blockspacer/flextool
Stars: ✭ 58 (+41.46%)
TypeScriptAST.NET port of Microsoft's TypeScript parser for simple AST manipulation
Stars: ✭ 37 (-9.76%)
luacheckA tool for linting and static analysis of Lua code.
Stars: ✭ 139 (+239.02%)
GopherciGopherCI was a project to help you maintain high-quality Go projects, by checking each GitHub Pull Request, for backward incompatible changes, and a suite of other third party static analysis tools.
Stars: ✭ 105 (+156.1%)
PmdAn extensible multilanguage static code analyzer.
Stars: ✭ 3,667 (+8843.9%)
phpstan-symfony*DEPRECATED* Symfony extension for PHPStan
Stars: ✭ 42 (+2.44%)
JpeekJava Code Static Metrics (Cohesion, Coupling, etc.)
Stars: ✭ 168 (+309.76%)
LibPeckeran obfuscation-resilient, highly precise and reliable library detector for Android applications
Stars: ✭ 38 (-7.32%)
CognicryptCogniCrypt is an Eclipse plugin that supports Java developers in using Java Cryptographic APIs.
Stars: ✭ 50 (+21.95%)
SqlServer.RulesSQL Server static code analysis rules for SSDT database projects
Stars: ✭ 20 (-51.22%)
Pepper An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (+509.76%)
ApisanAPISan: Sanitizing API Usages through Semantic Cross-Checking
Stars: ✭ 46 (+12.2%)
OpenStaticAnalyzerOpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.
Stars: ✭ 19 (-53.66%)
vim-mypyVim plugin for executing Python's optional static type checker MyPy (http://mypy-lang.org/)
Stars: ✭ 89 (+117.07%)
Php Language ServerPHP Implementation of the VS Code Language Server Protocol 🆚↔🖥
Stars: ✭ 1,019 (+2385.37%)
sonarqube-actionIntegrate SonarQube scanner to GitHub Actions
Stars: ✭ 90 (+119.51%)
goxJSX for Go
Stars: ✭ 165 (+302.44%)
IDA WrapperAn IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.
Stars: ✭ 14 (-65.85%)
ClairVulnerability Static Analysis for Containers
Stars: ✭ 8,356 (+20280.49%)
phan-taint-check-pluginGithub mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)
Stars: ✭ 21 (-48.78%)
PhpmdPHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
Stars: ✭ 1,992 (+4758.54%)
Static-Malware-AnalysesA open source Python script to perform static analysis on a Malware Binary File (portable executable).
Stars: ✭ 15 (-63.41%)
cfsecStatic analysis for CloudFormation templates to identify common misconfiguration
Stars: ✭ 53 (+29.27%)
Mobileapp Pentest CheatsheetThe Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Stars: ✭ 3,051 (+7341.46%)
nakedretnakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
Stars: ✭ 82 (+100%)
Befa LibraryHigh-level library for executable binary file analysis
Stars: ✭ 12 (-70.73%)
PaperMacheteA project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.
Stars: ✭ 49 (+19.51%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+6502.44%)
identypoidentypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).
Stars: ✭ 26 (-36.59%)
PhpqaDocker image that provides static analysis tools for PHP
Stars: ✭ 853 (+1980.49%)
woocommerce-stubsWooCommerce function and class declaration stubs for static analysis.
Stars: ✭ 49 (+19.51%)
BBob⚡️Blazing-fast js-bbcode-parser, bbcode js, that transforms and parses to AST with plugin support in pure javascript, no dependencies
Stars: ✭ 133 (+224.39%)
Cpp2ILWork-in-progress tool to reverse unity's IL2CPP toolchain.
Stars: ✭ 689 (+1580.49%)
constybleCSS complexity linter
Stars: ✭ 92 (+124.39%)
Dagdaa tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Stars: ✭ 820 (+1900%)
tiroTIRO - A hybrid iterative deobfuscation framework for Android applications
Stars: ✭ 20 (-51.22%)
Dg[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (+490.24%)
Awesome Go LintersA curated list of awesome Go linters. More than 60 linters and tools!
Stars: ✭ 801 (+1853.66%)
aparoidStatic and dynamic Android application security analysis
Stars: ✭ 62 (+51.22%)
decoMinimalist Function Decorators for Elixir
Stars: ✭ 21 (-48.78%)
SDASDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Stars: ✭ 98 (+139.02%)
SCAFA Speculation-Aware Collaborative Dependence Analysis Framework
Stars: ✭ 25 (-39.02%)
SpotbugsSpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Stars: ✭ 2,569 (+6165.85%)
Sast ScanFully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
Stars: ✭ 104 (+153.66%)