236 Open source projects that are alternatives of or similar to Tajs

[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.

Static program analysis for TIP

☕️ PMD Plugin for SonarQube

Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command

SonarLint integration for Apache Netbeans

Nette Framework class reflection extension for PHPStan & framework-specific rules

A regex based source code scanner.

cwe_checker finds vulnerable patterns in binary executables

T.J. Watson Libraries for Analysis

A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

identypo is a Go static analysis tool to find typos in identifiers (functions, function calls, variables, constants, type declarations, packages, labels).

EBA is a static bug finder for C.

Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html

prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.

nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.

PHP Static Analysis Tool - discover bugs in your code without running it!

cfmt is a tool to wrap Go comments over a certain length to a new line.

A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

unimport is a Go static analysis tool to find unnecessary import aliases.

Next-gen phpDoc parser with support for intersection types and generics

Doctrine extensions for PHPStan

Program analysis playground for a simple, imperative language

SonarSource Static Analyzer for JavaScript and TypeScript

☕️ SonarSource Static Analyzer for Java Code Quality and Security

Java library for parsing report files from static code analysis.

A Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and supports symbolic modelling of strings and regular expressions.

A Program Analysis Toolkit for Android

Feram finds & fixes bugs in your commits

Semgrep rules registry

⚡️ Runtime type-checker for JavaScript

Predicates for type checking, assertions, filtering etc

Every programmer needs a rubberduck. COM add-in for the VBA & VB6 IDE (VBE).

A Ruby static code analyzer and formatter, based on the community Ruby style guide.

The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.

A binary analysis framework

CodeCharta visualizes multiple code metrics using 3D tree maps.

Nearly zero runtime object allocation powered by scalameta. Value class and Unboxed Tagged Type generation at compile-time.

NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.

List of Maven examples

TypeCheck: Fast and flexible runtime type-checking for your Elixir projects.

Manage translation and localization with static analysis, for Ruby i18n

Standalone linter for ABAP

ESLint Shareable Config for JSX support in JavaScript Standard Style

🐞 Primitive Erlang Security Tool

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy

A static code analysis for WordPress (and PHP)

Triton is a Dynamic Binary Analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a dynamic taint engine, AST representations of the x86, x86-64, ARM32 and AArch64 Instructions Set Architecture (ISA), SMT simplification passes, an SMT solver interface and, the last but not least, Python bindings.

Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Functional, composable, asynchronous, type-safe Python.

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

F# analyzer that provides embedded SQL syntax analysis, type-checking for parameters and result sets and nullable column detection when writing queries using Npgsql.FSharp.

The Hy Transformer

Kubernetes object analysis with recommendations for improved reliability and security

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Binary Analysis Platform

The official GitHub mirror of https://gitlab.com/pycqa/flake8

A static code analyzer for C++, C#, Lua

CoRnucopia of ABstractions: a library for building abstract interpretation-based analyses