179 results for “topic:static-analyzer”
PHP Static Analysis Tool - discover bugs in your code without running it!
EMBA - The firmware security analyzer
Mirror kept for legacy. Moved to https://github.com/llvm/llvm-project
Beautiful and understandable static analysis tool for PHP
CodeChecker is an analyzer tooling, defect database and viewer extension for static and dynamic analyzer tools.
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
BinAbsInspector: Vulnerability Scanner for Binaries
Static Value-Flow Analysis Framework for Source Code
Next-gen phpDoc parser with support for intersection types and generics
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Cross-platform static analyzer and linter for Swift.
cwe_checker finds vulnerable patterns in binary executables
SonarSource Static Analyzer for JavaScript and TypeScript
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Code analyzer for C# and VB.NET projects
prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Doctrine extensions for PHPStan
Detect concurrency and memory bugs and possible panic locations in Rust projects
🕵️ Haskell STatic ANalyser
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
"chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability rules, supports decompile, custom rule, and is compatible with the technology stacks of Servlet&filter, Spring,struts,Dubbo,Thrift, jax-rs,jax-ws,JFinal,Netty,MyBatis,and JSP.
eBPF verifier based on abstract interpretation
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Clang's scan-build re-implementation in python
Static program analysis for TIP
☕️ PMD Plugin for SonarQube
OPEM (Open Source PEM Fuel Cell Simulation Tool)
Type Analyzer for JavaScript