Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Projects in Awesome Lists tagged with static-analysis

A curated list of projects in awesome lists tagged with static-analysis .

https://github.com/phpmd/phpmd

PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.

clean-code hacktoberfest mess-detector php pmd static-analysis static-analyzer

Last synced: 30 Dec 2024

https://ajinabraham.github.io/NodeJsScan

nodejsscan is a static security code scanner for Node.js applications.

code-analysis code-review devsecops javascript lint node node-security nodejs nodejsscan sast security security-scanner static-analysis

Last synced: 13 Oct 2024

https://github.com/find-sec-bugs/find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

bytecode code-analysis cwe findbugs hacktoberfest java owasp security security-audit static-analysis taint-analysis

Last synced: 30 Oct 2024

https://github.com/Ericsson/codechecker

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy

analysis c clang clang-tidy codechecker cpp database defects docker linux llvm macosx objective-c results-viewer static-analysis static-analyzer static-analyzers vue

Last synced: 11 Nov 2024

https://github.com/ericsson/codechecker

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy

analysis c clang clang-tidy codechecker cpp database defects docker linux llvm macosx objective-c results-viewer static-analysis static-analyzer static-analyzers vue

Last synced: 31 Dec 2024

https://github.com/praetorian-inc/gokart

A static analysis tool for securing Go code

golang security security-tools static-analysis static-code-analysis

Last synced: 26 Sep 2024

https://github.com/glebm/i18n-tasks

Manage translation and localization with static analysis, for Ruby i18n

i18n ruby static-analysis static-code-analysis translation-management

Last synced: 30 Dec 2024

https://github.com/joshuakgoldberg/typestat

Converts JavaScript to TypeScript and TypeScript to better TypeScript. 🧫

conversion javascript mutations static-analysis typescript

Last synced: 31 Dec 2024

https://github.com/NASA-SW-VnV/ikos

Static analyzer for C/C++ based on the theory of Abstract Interpretation.

abstract-interpretation program-analysis software-verification static-analysis

Last synced: 08 Nov 2024

https://github.com/JoshuaKGoldberg/TypeStat

Converts JavaScript to TypeScript and TypeScript to better TypeScript. 🧫

conversion javascript mutations static-analysis typescript

Last synced: 25 Oct 2024

https://github.com/willcrichton/flowistry

Flowistry is an IDE plugin for Rust that helps you focus on relevant code.

dataflow rust static-analysis vscode

Last synced: 31 Dec 2024

https://github.com/samboycoding/cpp2il

Work-in-progress tool to reverse unity's IL2CPP toolchain.

analysis decompiler il2cpp il2cpp-metadata reverse-engineering static-analysis unity

Last synced: 02 Jan 2025

https://github.com/inria/spoon

Spoon is a metaprogramming library to analyze and transform Java source code. :spoon: is made with :heart:, :beers: and :sparkles:. It parses source files to build a well-designed AST with powerful analysis and transformation API.

abstract-syntax-tree ast code-analysis code-generation code-transformation compile-time-reflection hacktoberfest inria java java-module java10 java9 metaprogramming parser spoon static-analysis

Last synced: 01 Jan 2025

https://github.com/rubik/radon

Various code metrics for Python code

cli code-analysis python quality-assurance static-analysis

Last synced: 31 Dec 2024

https://github.com/clj-kondo/clj-kondo

Static analyzer and linter for Clojure code that sparks joy

clojure clojurescript graalvm graalvm-native-image linter static-analysis

Last synced: 30 Dec 2024

https://github.com/SamboyCoding/Cpp2IL

Work-in-progress tool to reverse unity's IL2CPP toolchain.

analysis decompiler il2cpp il2cpp-metadata reverse-engineering static-analysis unity

Last synced: 06 Nov 2024

https://github.com/nccgroup/sobelow

Security-focused static analysis for the Phoenix Framework

elixir phoenix-framework security static-analysis

Last synced: 31 Dec 2024

https://github.com/INRIA/spoon

Spoon is a metaprogramming library to analyze and transform Java source code. :spoon: is made with :heart:, :beers: and :sparkles:. It parses source files to build a well-designed AST with powerful analysis and transformation API.

abstract-syntax-tree ast code-analysis code-generation code-transformation compile-time-reflection hacktoberfest inria java java-module java10 java9 metaprogramming parser spoon static-analysis

Last synced: 30 Oct 2024

https://github.com/anchore/anchore-engine

A service that analyzes docker images and scans for vulnerabilities

anchore-engine containers docker docker-image dockerhub python security static-analysis vulnerabilities whitelist

Last synced: 28 Sep 2024

https://github.com/bytedance/appshark

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

android compliance static-analysis vulnerability

Last synced: 02 Jan 2025

https://github.com/woodruffw/zizmor

A static analysis tool for GitHub Actions

github-actions security security-tools static-analysis

Last synced: 29 Dec 2024

https://github.com/pascal-lab/Tai-e

An easy-to-learn/use static analysis framework for Java

call-graph java security static-analysis taint-analysis

Last synced: 02 Jan 2025

https://github.com/pascal-lab/tai-e

An easy-to-learn/use static analysis framework for Java

call-graph java security static-analysis taint-analysis

Last synced: 02 Jan 2025

https://github.com/das-labor/panopticon

A libre cross-platform disassembler.

disassembler qml reverse-engineering rust security static-analysis

Last synced: 27 Dec 2024

https://github.com/yinwang0/pysonar2

PySonar2: a semantic indexer for Python with interprocedual type inference

code-analysis code-intelligence code-search index python static-analysis type-inference

Last synced: 02 Jan 2025

https://github.com/phpstan/phpdoc-parser

Next-gen phpDoc parser with support for intersection types and generics

php php7 phpdoc phpstan static-analysis static-analyzer static-code-analysis testing

Last synced: 30 Dec 2024

https://github.com/vercel/nft

Node.js dependency tracing utility

static-analysis

Last synced: 31 Dec 2024

https://github.com/protectai/vulnhuntr

Zero shot vulnerability discovery using LLMs

ai llm security static-analysis vulnerability-detection

Last synced: 28 Dec 2024

https://github.com/eliasgranderubio/dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

detecting-anomalous-activities docker malware-detection security static-analysis vulnerabilities

Last synced: 29 Dec 2024

https://github.com/ZupIT/horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

analysis cd ci cli golang hacktoberfest java kotlin netcore python ruby sast sast-analysis scanner security security-development security-flaws static-analysis terraform vulnerabilities

Last synced: 02 Nov 2024

https://github.com/zupit/horusec

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

analysis cd ci cli golang hacktoberfest java kotlin netcore python ruby sast sast-analysis scanner security security-development security-flaws static-analysis terraform vulnerabilities

Last synced: 02 Jan 2025

https://github.com/sonarsource/sonar-java

:coffee: SonarSource Static Analyzer for Java Code Quality and Security

analysis analyzer java language-team quality sonarcloud sonarlint sonarqube static-analysis static-analyzer static-code-analysis

Last synced: 30 Dec 2024

https://github.com/SonarSource/sonar-java

:coffee: SonarSource Static Analyzer for Java Code Quality and Security

analysis analyzer java language-team quality sonarcloud sonarlint sonarqube static-analysis static-analyzer static-code-analysis

Last synced: 30 Oct 2024

https://github.com/pascal-lab/tai-e-assignments

Tai-e assignments for static program analysis

education java program-analysis static-analysis

Last synced: 30 Dec 2024

https://github.com/carlosas/phpat

PHP Architecture Tester - Easy architecture testing for PHP :heavy_check_mark:

architecture linter php phpstan-extension static-analysis testing

Last synced: 31 Dec 2024

https://github.com/xmirrorsecurity/opensca-cli

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

cyclonedx devsecops license-compliance sbom sca security software-bill-of-materials software-composition-analysis software-supply-chain software-supply-chain-security spdx static-analysis swid vulnerabilities

Last synced: 27 Dec 2024

https://github.com/XmirrorSecurity/OpenSCA-cli

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.

cyclonedx devsecops license-compliance sbom sca security software-bill-of-materials software-composition-analysis software-supply-chain software-supply-chain-security spdx static-analysis swid vulnerabilities

Last synced: 11 Nov 2024

https://github.com/jar-analyzer/jar-analyzer

Jar Analyzer - 一个JAR包分析工具,批量分析,SCA漏洞分析,方法调用关系搜索,字符串搜索,Spring组件分析,信息泄露检查,CFG程序分析,JVM栈帧分析,进阶表达式搜索,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码,一键分析BCEL字节码

bytecode jar java-asm java-bytecode java-debugger java-decompiler java-gui java-security java-vulnerability program-analysis static-analysis vulnerability web-vulnerability

Last synced: 05 Nov 2024

https://github.com/pschanely/CrossHair

An analysis tool for Python that blurs the line between testing and type systems.

concolic-execution contracts dynamic-analysis fuzzing hacktoberfest python static-analysis symbolic-execution testing testing-framework type-systems z3

Last synced: 29 Oct 2024

https://github.com/meziantou/Meziantou.Analyzer

A Roslyn analyzer to enforce some good practices in C#.

analyzer csharp dotnet hacktoberfest roslyn roslyn-analyzer static-analysis vsix

Last synced: 06 Nov 2024

https://github.com/PHPCSStandards/PHP_CodeSniffer

PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.

automation cli coding-standards php phpcbf phpcs psr1 psr12 psr2 qa static-analysis

Last synced: 06 Nov 2024

https://github.com/phpcsstandards/php_codesniffer

PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.

automation cli coding-standards php phpcbf phpcs psr1 psr12 psr2 qa static-analysis

Last synced: 27 Dec 2024

https://github.com/enlightn/enlightn

Your performance & security consultant, an artisan command away.

audit code-quality code-review dynamic-analysis laravel performance security static-analysis

Last synced: 31 Dec 2024

https://github.com/jar-analyzer/jar-analyzer-v1-gui

建议使用新版:https://github.com/jar-analyzer/jar-analyzer

java-decompiler program-analysis static-analysis

Last synced: 23 Dec 2024

https://github.com/rubocop/rubocop-rspec

Code style checking for RSpec files.

lint rspec rubocop ruby static-analysis testing

Last synced: 31 Dec 2024

https://github.com/quasilyte/go-ruleguard

Define and run pattern-based custom linting rules.

analysis codeql dynamic-rules go go-analysis gogrep golang linter ruleguard semgrep static-analysis

Last synced: 01 Jan 2025

https://github.com/wala/WALA

T.J. Watson Libraries for Analysis, with frontends for Java, Android, and JavaScript, and may common static program analyses

android callgraph dataflow-analysis java javascript pointer-analysis program-analysis slicing static-analysis static-code-analysis

Last synced: 20 Nov 2024

https://github.com/bl4de/security-tools

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

bug-bounties bug-bounty bugbounty ctf ctf-tools hacking infosec itsecurity pentesting python scanner security-testing security-tools static-analysis webappsec

Last synced: 03 Nov 2024

https://github.com/aviatesk/jet.jl

An experimental code analyzer for Julia. No need for additional type annotations.

error-detection julia performance-engineering static-analysis

Last synced: 27 Dec 2024

https://github.com/tencent/habomalhunter

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

dynamic-analysis elf linux malware-analysis security static-analysis

Last synced: 27 Dec 2024

https://github.com/Tencent/HaboMalHunter

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

dynamic-analysis elf linux malware-analysis security static-analysis

Last synced: 21 Nov 2024

https://github.com/secrary/Andromeda

Andromeda - Interactive Reverse Engineering Tool for Android Applications

android apk binary-analysis reverse-engineering static-analysis

Last synced: 20 Nov 2024

https://github.com/secrary/andromeda

Andromeda - Interactive Reverse Engineering Tool for Android Applications

android apk binary-analysis reverse-engineering static-analysis

Last synced: 25 Oct 2024

https://github.com/antoine-coulon/skott

All-in-one devtool to automatically analyze, search and visualize project modules and dependencies from JavaScript, TypeScript (JSX/TSX) and Node.js (ES6, CommonJS)

commonjs dependencies es6 graph javascript jsx nodejs static-analysis tree tsx typescript visualization

Last synced: 02 Jan 2025

https://github.com/chanhx/crabviz

🦀 A LSP-based interative call graph generator

c callgraph cpp go java javascript language-server-protocol lsp python rust static-analysis typescript vscode

Last synced: 29 Oct 2024

https://github.com/emacs-elsa/Elsa

Emacs Lisp Static Analyzer and gradual type system.

elsa emacs emacs-lisp gradual-typing static-analysis

Last synced: 08 Nov 2024

https://github.com/alexkohler/prealloc

prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.

go golang prealloc-suggestions slice static-analysis static-analyzer static-code-analysis

Last synced: 17 Nov 2024

https://github.com/ossillate-inc/packj

Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

developer-tools devops devops-tools devsecops dynamic-analysis malware malware-analysis npm pypi python rubygems sandboxing security security-audit security-tools static-analysis supply-chain supply-chain-security vulnerability vulnerability-scanners

Last synced: 14 Nov 2024