Dg[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (+61.33%)
TipStatic program analysis for TIP
Stars: ✭ 140 (-6.67%)
Sonar Pmd☕️ PMD Plugin for SonarQube
Stars: ✭ 139 (-7.33%)
lintsLint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command
Stars: ✭ 14 (-90.67%)
phpstan-netteNette Framework class reflection extension for PHPStan & framework-specific rules
Stars: ✭ 87 (-42%)
GrepbugsA regex based source code scanner.
Stars: ✭ 118 (-21.33%)
Cwe checkercwe_checker finds vulnerable patterns in binary executables
Stars: ✭ 372 (+148%)
WalaT.J. Watson Libraries for Analysis
Stars: ✭ 395 (+163.33%)
PytA Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Stars: ✭ 2,061 (+1274%)
identypoidentypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).
Stars: ✭ 26 (-82.67%)
ebaEBA is a static bug finder for C.
Stars: ✭ 14 (-90.67%)
Sonar DotnetCode analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html
Stars: ✭ 466 (+210.67%)
Preallocprealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Stars: ✭ 419 (+179.33%)
nakedretnakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
Stars: ✭ 82 (-45.33%)
PhpstanPHP Static Analysis Tool - discover bugs in your code without running it!
Stars: ✭ 10,534 (+6922.67%)
Cfmtcfmt is a tool to wrap Go comments over a certain length to a new line.
Stars: ✭ 28 (-81.33%)
PhpinspectionseaA Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Stars: ✭ 1,211 (+707.33%)
unimportunimport is a Go static analysis tool to find unnecessary import aliases.
Stars: ✭ 64 (-57.33%)
Phpdoc ParserNext-gen phpDoc parser with support for intersection types and generics
Stars: ✭ 569 (+279.33%)
progge.rsProgram analysis playground for a simple, imperative language
Stars: ✭ 29 (-80.67%)
SonarjsSonarSource Static Analyzer for JavaScript and TypeScript
Stars: ✭ 696 (+364%)
Sonar Java☕️ SonarSource Static Analyzer for Java Code Quality and Security
Stars: ✭ 745 (+396.67%)
Violations LibJava library for parsing report files from static code analysis.
Stars: ✭ 94 (-37.33%)
ExposeA Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and supports symbolic modelling of strings and regular expressions.
Stars: ✭ 94 (-37.33%)
PatdroidA Program Analysis Toolkit for Android
Stars: ✭ 95 (-36.67%)
FeramFeram finds & fixes bugs in your commits
Stars: ✭ 122 (-18.67%)
PredicatesPredicates for type checking, assertions, filtering etc
Stars: ✭ 89 (-40.67%)
RubberduckEvery programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).
Stars: ✭ 1,287 (+758%)
RubocopA Ruby static code analyzer and formatter, based on the community Ruby style guide.
Stars: ✭ 11,593 (+7628.67%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-42%)
SojoboA binary analysis framework
Stars: ✭ 116 (-22.67%)
CodechartaCodeCharta visualizes multiple code metrics using 3D tree maps.
Stars: ✭ 85 (-43.33%)
DilateNearly zero runtime object allocation powered by scalameta. Value class and Unboxed Tagged Type generation at compile-time.
Stars: ✭ 80 (-46.67%)
NsdepcopNsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.
Stars: ✭ 114 (-24%)
Elixir Type checkTypeCheck: Fast and flexible runtime type-checking for your Elixir projects.
Stars: ✭ 80 (-46.67%)
I18n TasksManage translation and localization with static analysis, for Ruby i18n
Stars: ✭ 1,748 (+1065.33%)
AbaplintStandalone linter for ABAP
Stars: ✭ 111 (-26%)
Pest🐞 Primitive Erlang Security Tool
Stars: ✭ 79 (-47.33%)
CodecheckerCodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
Stars: ✭ 1,209 (+706%)
WpbulletA static code analysis for WordPress (and PHP)
Stars: ✭ 148 (-1.33%)
TritonTriton is a Dynamic Binary Analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a dynamic taint engine, AST representations of the x86, x86-64, ARM32 and AArch64 Instructions Set Architecture (ISA), SMT simplification passes, an SMT solver interface and, the last but not least, Python bindings.
Stars: ✭ 1,934 (+1189.33%)
Owasp OrizonOwasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (-13.33%)
DrekA static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-31.33%)
PfunFunctional, composable, asynchronous, type-safe Python.
Stars: ✭ 75 (-50%)
Static Analysis⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
Stars: ✭ 9,310 (+6106.67%)
Npgsql.fsharp.analyzerF# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.
Stars: ✭ 103 (-31.33%)
HydiomaticThe Hy Transformer
Stars: ✭ 65 (-56.67%)
Kube ScoreKubernetes object analysis with recommendations for improved reliability and security
Stars: ✭ 1,128 (+652%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-14.67%)
BapBinary Analysis Platform
Stars: ✭ 1,385 (+823.33%)
Flake8The official GitHub mirror of https://gitlab.com/pycqa/flake8
Stars: ✭ 1,112 (+641.33%)
TscancodeA static code analyzer for C++, C#, Lua
Stars: ✭ 1,112 (+641.33%)
CrabCoRnucopia of ABstractions: a library for building abstract interpretation-based analyses
Stars: ✭ 102 (-32%)