671 Open source projects that are alternatives of or similar to subpy

Run a security scan on your terraform with the very nice https://github.com/liamg/tfsec

Java bytecode generator for sound and precise partial program analysis

Quality Police for Java projects

Code Climate Engine for ESLint

Security-focused static analysis for the Phoenix Framework

A personal app to store people that owe you money or you owe money to. "Mo Money Mo Problems" 🎵 - The Notorious B.I.G. 😎

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

OPEM (Open Source PEM Fuel Cell Simulation Tool)

DEPRECATED. USE INSTEAD github.com/blockspacer/flextool

An Error Prone plugin for SLF4J

.NET port of Microsoft's TypeScript parser for simple AST manipulation

A tool for linting and static analysis of Lua code.

GopherCI was a project to help you maintain high-quality Go projects, by checking each GitHub Pull Request, for backward incompatible changes, and a suite of other third party static analysis tools.

An extensible multilanguage static code analyzer.

*DEPRECATED* Symfony extension for PHPStan

Java Code Static Metrics (Cohesion, Coupling, etc.)

an obfuscation-resilient, highly precise and reliable library detector for Android applications

CogniCrypt is an Eclipse plugin that supports Java developers in using Java Cryptographic APIs.

SQL Server static code analysis rules for SSDT database projects

An open source script to perform malware static analysis on Portable Executable

Code Climate Engine for PHP Code Sniffer

APISan: Sanitizing API Usages through Semantic Cross-Checking

OpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.

Moved to Polymer/tools monorepo

Vim plugin for executing Python's optional static type checker MyPy (http://mypy-lang.org/)

PHP Implementation of the VS Code Language Server Protocol 🆚↔🖥

Integrate SonarQube scanner to GitHub Actions

JSX for Go

An IDA_Wrapper for linux, shipped with an Function Identifier. It works well with Driller on static linked binaries.

Vulnerability Static Analysis for Containers

Github mirror of "mediawiki/tools/phan/SecurityCheckPlugin" - our actual code is hosted with Gerrit (please see https://www.mediawiki.org/wiki/Developer_access for contributing)

PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.

A open source Python script to perform static analysis on a Malware Binary File (portable executable).

Static analysis for CloudFormation templates to identify common misconfiguration

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.

High-level library for executable binary file analysis

A project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.

Scanning APK file for URIs, endpoints & secrets.

identypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).

Docker image that provides static analysis tools for PHP

WooCommerce function and class declaration stubs for static analysis.

⚡️Blazing-fast js-bbcode-parser, bbcode js, that transforms and parses to AST with plugin support in pure javascript, no dependencies

Configurable XML Doc warnings for ReSharper

DEPRECATED -- DevSkim plugin for Sublime Text 3.

Work-in-progress tool to reverse unity's IL2CPP toolchain.

CSS complexity linter

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

TIRO - A hybrid iterative deobfuscation framework for Android applications

[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.

Awesome .NET Security Resources

A curated list of awesome Go linters. More than 60 linters and tools!

Static and dynamic Android application security analysis

Type-safe Lua IDE Plugin for IntelliJ IDEA

Minimalist Function Decorators for Elixir

SDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.

A Speculation-Aware Collaborative Dependence Analysis Framework

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!