Projects in Awesome Lists tagged with static-analysis

https://github.com/mobsf/mobsfscan

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.

android appsec codereview ios java kotlin mobile-sast objective-c sast security static-analysis swift

Last synced: 04 Jan 2025

https://github.com/zanellia/prometeo

An experimental Python-to-C transpiler and domain specific language for embedded high-performance computing

c compiler domain-specific-language embedded-systems high-performance-computing hpc python python-to-c source-to-source static-analysis static-typing transcompiler transpiler

Last synced: 29 Oct 2024

https://github.com/pep8speaks-org/pep8speaks

A GitHub :octocat: app to automatically review Python code style over Pull Requests

bot code-quality code-style flake8 github-app github-webhooks hacktoberfest linter pep8 pycodestyle python python-style review static-analysis static-code-analysis styleguide

Last synced: 26 Oct 2024

https://github.com/phpstan/phpstan-strict-rules

Extra strict and opinionated rules for PHPStan

php php7 phpstan safety static-analysis static-code-analysis strongly-typed

Last synced: 31 Dec 2024

https://github.com/object-calisthenics/phpcs-calisthenics-rules

[DEPRECATED] Object Calisthenics rules for PHP_CodeSniffer

calisthenics-rules coding-standard php php-codesniffer solid static-analysis

Last synced: 20 Nov 2024

https://github.com/0xdea/semgrep-rules

A collection of my Semgrep rules to facilitate vulnerability research.

code-review semgrep semgrep-rules static-analysis vulnerability-research

Last synced: 04 Jan 2025

https://github.com/phpstan/phpstan-doctrine

Doctrine extensions for PHPStan

doctrine doctrine2 php php7 phpstan static-analysis static-analyzer static-code-analysis testing

Last synced: 31 Dec 2024

https://github.com/dpnishant/jsprime

a javascript static security analysis tool

javascript security-scanner security-tools static-analysis

Last synced: 29 Dec 2024

https://github.com/eth-sri/securify2

Securify v2.0

datalog ethereum security smart-contract solidity static-analysis vulnerability

Last synced: 08 Nov 2024

https://github.com/globocom/huskyci

Performing security tests inside your CI

bandit brakeman continuous-integration gitlab-ci golang gosec hacktoberfest hacktoberfest2023-accepted javascript npm-audit python ruby-on-rails safety security-automation security-tools static-analysis vulnerabilities yarn-audit

Last synced: 30 Dec 2024

https://github.com/Roave/BackwardCompatibilityCheck

:ab: Tool to compare two revisions of a class API to check for BC breaks

backward-compatibility bc reflection static-analysis

Last synced: 04 Nov 2024

https://github.com/globocom/huskyCI

Performing security tests inside your CI

bandit brakeman continuous-integration gitlab-ci golang gosec hacktoberfest hacktoberfest2023-accepted javascript npm-audit python ruby-on-rails safety security-automation security-tools static-analysis vulnerabilities yarn-audit

Last synced: 24 Oct 2024

https://github.com/mukul-rathi/bolt

Bolt is a language with in-built data-race freedom!

compilers concurrency data-race-freedom language static-analysis types

Last synced: 08 Nov 2024

https://github.com/povils/phpmnd

PHP Magic Number Detector

analysis automation checker clean-code cli detector magic-numbers php static-analysis

Last synced: 17 Nov 2024

https://github.com/vu1nt0tal/vehicle-security-toolkit

汽车/安卓/固件/代码安全测试工具集

android apk cve pentest reverse-engineering security static-analysis vulnerability

Last synced: 04 Jan 2025

https://github.com/Vu1nT0tal/Vehicle-Security-Toolkit

汽车/安卓/固件/代码安全测试工具集

android apk cve pentest reverse-engineering security static-analysis vulnerability

Last synced: 19 Nov 2024

https://github.com/ltcmelo/psychec

A compiler frontend for the C programming language

c c-language clanguage compiler compiler-frontend language-semantics parser parsing parsing-library program-analysis static-analysis type-inference

Last synced: 04 Jan 2025

https://github.com/pylint-dev/astroid

A common base representation of python source code for pylint and other projects

ast closember hacktoberfest inference-engine parser static-analysis static-code-analysis

Last synced: 03 Jan 2025

https://github.com/MobSF/mobsfscan

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.

android static-analysis

Last synced: 02 Nov 2024

https://github.com/crystal-ameba/ameba

A static code analysis tool for Crystal

ameba code-analysis crystal linter static-analysis

Last synced: 04 Jan 2025

https://github.com/saveourtool/diktat

Strict coding standard for Kotlin and a custom set of rules for detecting code smells, code style issues and bugs

android awesome awesome-kotlin checkstyle code-checker code-fixer codecheck codestyle hacktoberfest kotlin ktlint linter static-analysis

Last synced: 26 Sep 2024

https://github.com/ex0dus-0x/fuzzable

Framework for Automating Fuzzable Target Discovery with Static Analysis.

binary-analysis fuzzing reverse-engineering security security-tools static-analysis

Last synced: 30 Dec 2024

https://github.com/Privado-Inc/privado

Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.

android-privacy-tools appsec compliance devprivops devsecops gdpr gdpr-compliant hacktoberfest play-store-data-safety privacy-by-design privacy-engineering privacy-labels privacy-policy static-analysis

Last synced: 01 Nov 2024

https://github.com/caphyon/clang-power-tools

Bringing clang-tidy magic to Visual Studio C++ developers.

clang clang-compile clang-format clang-tidy cpp llvm modernize static-analysis

Last synced: 04 Jan 2025

https://github.com/Ericsson/CodeCompass

CodeCompass is a software comprehension tool for large scale software written in C/C++ and Java

code-comprehension cpp java static-analysis

Last synced: 28 Oct 2024

https://github.com/carbonblack/binee

Binee: binary emulation environment

analysis binary binary-analysis emulation hooks malware mock static-analysis testing unicorn-emulator

Last synced: 09 Nov 2024

https://github.com/houqp/sqlvet

Go fearless SQL. Sqlvet performs static analysis on raw SQL queries in your Go code base.

golang linter security sql static-analysis

Last synced: 04 Jan 2025

https://github.com/Caphyon/clang-power-tools

Bringing clang-tidy magic to Visual Studio C++ developers.

clang clang-compile clang-format clang-tidy cpp llvm modernize static-analysis

Last synced: 11 Nov 2024

https://github.com/insidersec/insider

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

android android-security cli csharp dotnet insider ios ios-security javascript kotlin maven nodejs owasp sast security-automation security-scanner security-tools static-analysis static-analyzer swift

Last synced: 04 Jan 2025

https://github.com/mchalupa/dg

[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.

analysis backward-slice backward-slicing control-dependency data-dependency dependence-graph dependency-graph llvm llvm-bitcode llvm-ir llvm-slicer pointer-analysis points-to-analysis program-analysis reaching-definitions slice slicing static-analysis static-analyzer static-code-analysis

Last synced: 01 Jan 2025

https://github.com/SourceCode-AI/aura

Python source code auditing and static analysis on a large scale

python security-audit static-analysis taint-analysis

Last synced: 08 Nov 2024

https://github.com/lpil/dogma

:closed_lock_with_key: A code style linter for Elixir

static-analysis style-linter

Last synced: 01 Nov 2024

https://github.com/droidefense/engine

Droidefense: Advance Android Malware Analysis Framework

android dalvik droidefense dynamic-analysis dynamic-code-analysis engine engineer malware malware-analysis opcodes ransomware reverse security static-analysis static-code-analysis trojan

Last synced: 30 Nov 2024

https://github.com/ekzhang/crepe

Datalog compiler embedded in Rust as a procedural macro

datalog logic-programming rust souffle static-analysis translator

Last synced: 04 Jan 2025

https://github.com/github/codeql-go

The CodeQL extractor and libraries for Go.

codeql datalog go golang program-analysis static-analysis

Last synced: 29 Sep 2024

https://github.com/phpstan/phpstan-phpunit

PHPUnit extensions and rules for PHPStan

php php7 phpstan phpunit static-analysis static-code-analysis testing

Last synced: 01 Jan 2025

https://github.com/refactorfirst/RefactorFirst

Identifies and prioritizes God Classes Highly Coupled classes, and Class Cycles in Java codebases you should refactor first.

cycle-analysis cycle-detection java maven maven-plugin refactoring refactoring-tools report static-analysis

Last synced: 07 Nov 2024

https://github.com/refactorfirst/refactorfirst

Identifies and prioritizes God Classes Highly Coupled classes, and Class Cycles in Java codebases you should refactor first.

cycle-analysis cycle-detection java maven maven-plugin refactoring refactoring-tools report static-analysis

Last synced: 03 Jan 2025

https://github.com/microsoft/component-detection

Scans your project to determine what components you use

dependencies package-management sbom software-bill-of-materials software-composition-analysis static-analysis

Last synced: 05 Jan 2025

https://github.com/get-woke/woke

Detect non-inclusive language in your source code.

ci codereview conscious-language go golang inclusive inclusive-coding inclusive-language inclusive-lint inclusive-linter lint linter linting static-analysis text-analysis

Last synced: 06 Nov 2024

https://github.com/seahorn/seahorn

SeaHorn Verification Framework

abstract-interpretation horn-clauses llvm model-checking program-analysis static-analysis verification

Last synced: 03 Jan 2025

https://github.com/guilatrova/tryceratops

A linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).

code hacktoberfest linter python python3 static-analysis static-code-analysis styleguide stylelint

Last synced: 15 Nov 2024

https://github.com/noidsirius/SootTutorial

A step-by-step tutorial for Soot (a Java static analysis framework)

java soot static-analysis tutorial visualization

Last synced: 21 Nov 2024

https://github.com/amit-davidson/Chronos

Chronos - A static race detector for the go language

analysis data-race-detection detection detects-races go golang mutex-synchronisation pointer-analysis race-condition race-conditions race-detection ssa static-analysis static-code-analysis synchronization

Last synced: 12 Nov 2024

https://github.com/cristianzsh/freki

:wolf: Malware analysis platform

binary-analysis docker flask hacktoberfest malware malware-analysis malware-research python3 reverse-engineering self-hosted self-hosted-api self-hosting static-analysis threat-intelligence virustotal yara

Last synced: 29 Dec 2024

https://github.com/slackhq/compose-lints

Lint checks to aid with a healthy adoption of Compose

android compose jetpack-compose kotlin lint static-analysis static-code-analysis

Last synced: 01 Jan 2025

https://github.com/usethesource/rascal

The implementation of the Rascal meta-programming language (including interpreter, type checker, parser generator, compiler and JVM based run-time system)

checker code-generation compiler domain-specific-language interpreter language metaprogramming parser-generator pattern-matching query-language refactoring-tools relational-algebra repl reverse-engineering source-to-source standard-library static-analysis template-language term-rewriting

Last synced: 04 Jan 2025

https://github.com/skyscanner/cfripper

Library and CLI tool for analysing CloudFormation templates and check them for security compliance.

aws aws-security cfripper cloud-governance cloudformation cloudformation-linter cloudformation-template compliance static-analysis

Last synced: 04 Jan 2025

https://github.com/swisskyrepo/vulny-code-static-analysis

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

audit detect-vulnerabilities hacktoberfest php php-source security-scanner security-tools static-analysis statical-analysis vulnerabilities

Last synced: 30 Dec 2024

https://github.com/llvm-mirror/clang-tools-extra

Mirror kept for legacy. Moved to https://github.com/llvm/llvm-project

coding-style refactoring reformat static-analysis

Last synced: 26 Oct 2024

https://github.com/JetBrains/Qodana

📝 Source repository of Qodana Help

ci code-quality code-review code-scanning continuous-integration java javascript jetbrains kotlin php python static-analysis static-code-analysis typescript

Last synced: 08 Nov 2024

https://github.com/jetbrains/qodana

📝 Source repository of Qodana Help

ci code-quality code-review code-scanning continuous-integration java javascript jetbrains kotlin php python static-analysis static-code-analysis typescript

Last synced: 04 Jan 2025

https://github.com/SonarSource/sonar-php

:elephant: SonarPHP: PHP static analyzer for SonarQube & SonarLint

code-quality language-team php sonarqube static-analysis static-code-analysis

Last synced: 14 Nov 2024

https://github.com/swisskyrepo/Vulny-Code-Static-Analysis

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

audit detect-vulnerabilities hacktoberfest php php-source security-scanner security-tools static-analysis statical-analysis vulnerabilities

Last synced: 27 Oct 2024

https://github.com/Skyscanner/cfripper

Library and CLI tool for analysing CloudFormation templates and check them for security compliance.

aws aws-security cfripper cloud-governance cloudformation cloudformation-linter cloudformation-template compliance static-analysis

Last synced: 02 Nov 2024

https://github.com/mohitmishra786/reversingbits

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse engineers, and low-level programmers.

assembly binary-analysis binary-exploitation ctf-tools cybersecurity cybersecurity-tools debugging disassembly dynamic-analysis malware-analysis penetration-testing program-analysis reverse-engineering reversing security-tools static-analysis system-security vulnerability-research x86-64 x86-assembly

Last synced: 03 Jan 2025

https://github.com/yalcinyolalan/wssat

WEB SERVICE SECURITY ASSESSMENT TOOL

dynamic-testing information-disclosure rest-api-scanner rest-api-test scanner security-tools soap-web-services sqlinjection static-analysis vulnerabilities web-service web-service-scanner web-service-test xml-bomb xss xxe-injection

Last synced: 03 Nov 2024

https://github.com/YalcinYolalan/WSSAT

WEB SERVICE SECURITY ASSESSMENT TOOL

dynamic-testing information-disclosure rest-api-scanner rest-api-test scanner security-tools soap-web-services sqlinjection static-analysis vulnerabilities web-service web-service-scanner web-service-test xml-bomb xss xxe-injection

Last synced: 25 Oct 2024

https://github.com/phpstan/phpstan-deprecation-rules

PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.

deprecations php php7 phpstan static-analysis static-code-analysis

Last synced: 02 Jan 2025

https://github.com/mre/cargo-inspect

Pssst!... see what Rust is doing behind the curtains 🕵🤫

desugar inspect static-analysis syntactic-sugar unpretty

Last synced: 30 Dec 2024

https://github.com/Documented-Style-Sheets/Parser

:page_facing_up: Documented Style Sheets Parser

comments css detector dss javascript parser static-analysis styling

Last synced: 06 Dec 2024

https://github.com/gaul/modernizer-maven-plugin

Detect uses of legacy Java APIs

apache-commons guava java joda-time maven-plugin static-analysis

Last synced: 02 Jan 2025

https://github.com/exakat/exakat

The Exakat Engine : smart static analysis for PHP

analysis analysis-framework exakat-engine gremlin lint linter neo4j phar php php7 review-tools static-analysis

Last synced: 29 Dec 2024

https://github.com/mazeppa-dev/mazeppa

A modern supercompiler for call-by-value functional languages

compiler functional functional-programming intermediate-representation language optimization performance program-analysis programming-language static-analysis supercompiler symbolic-execution

Last synced: 24 Oct 2024

https://github.com/ajinabraham/njsscan

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

appsec codereview codescanner devsecops expressjs jslint lint linter njsscan nodejs nodejsscan nodesecurity python sast security security-tools semantic static-analysis static-analyzer staticanalysis

Last synced: 02 Jan 2025

https://github.com/flatt-security/shisho

Lightweight static analyzer for several programming languages

code-analysis devsecops go rust security static-analysis terraform terraform-security

Last synced: 01 Nov 2024

https://github.com/johnyf/tool_lists

Links to tools by subject

binary-decision-diagrams formal-methods model-checking proof-assistant satisfiability-modulo-theories satisfiability-solver smtlib static-analysis synthesis theorem-prover theorem-proving tools verification

Last synced: 28 Nov 2024

https://github.com/l3yx/Choccy

GitHub项目监控 && CodeQL自动扫描 (GitHub project monitoring && CodeQL automatic analysis)

codeql security static-analysis

Last synced: 05 Nov 2024

https://github.com/wapmorgan/phpdeprecationdetector

Analyzer of PHP code to search issues with deprecated functionality in newer interpreter versions.

programmer-tool refactoring static-analysis

Last synced: 04 Jan 2025

https://github.com/wapmorgan/PhpDeprecationDetector

Analyzer of PHP code to search issues with deprecated functionality in newer interpreter versions.

programmer-tool refactoring static-analysis

Last synced: 28 Oct 2024

https://github.com/macmade/clangkit

ClangKit provides an Objective-C frontend to LibClang. Source tokenization, diagnostics and fix-its are actually implemented.

c c-plus-plus clang code diagnostics llvm objective-c parsing source static-analysis syntax-highlighting tokenization

Last synced: 02 Jan 2025

https://github.com/macmade/ClangKit

ClangKit provides an Objective-C frontend to LibClang. Source tokenization, diagnostics and fix-its are actually implemented.

c c-plus-plus clang code diagnostics llvm objective-c parsing source static-analysis syntax-highlighting tokenization

Last synced: 26 Oct 2024

https://github.com/flankerhqd/JAADAS

Joint Advanced Defect assEsment for android applications

android-applications inter-procedure-analysis soot static-analysis vulnerability

Last synced: 27 Oct 2024

https://github.com/gitleaks/gitleaks-action

Protect your secrets using Gitleaks-Action

action actions github github-actions secret-scanner secret-scanning secrets security security-automation security-tools static-analysis

Last synced: 03 Jan 2025

https://github.com/jenkinsci/warnings-ng-plugin

Jenkins Warnings Plugin - Next Generation

checkstyle error-prone findbugs hacktoberfest jenkins jenkins-plugin jenkins-warnings pmd spotbugs static-analysis static-code-analysis

Last synced: 03 Jan 2025

https://github.com/policeman-tools/forbidden-apis

Policeman's Forbidden API Checker

ant checker code-analysis gradle java maven static-analysis static-code-analysis staticanalysis

Last synced: 04 Jan 2025

https://github.com/tonybaloney/pycharm-security

Finds security holes in your Python projects from PyCharm and GitHub

devsecops hacktoberfest-accepted security security-automation static-analysis vulnerability

Last synced: 04 Jan 2025

https://github.com/pessimistic-io/slitherin

Slither Detectors by Pessimistic.io

ethereum plugin slither solidity static-analysis

Last synced: 03 Jan 2025

https://github.com/lunarmodules/luacheck

A tool for linting and static analysis of Lua code.

linting lua static-analysis

Last synced: 30 Sep 2024

https://github.com/BytecodeDL/ByteCodeDL

A declarative static analysis tool for jvm bytecode based Datalog like CodeQL

points-to-analysis sast security-tools static-analysis taint-analysis

Last synced: 21 Nov 2024

https://github.com/vitsalis/PyCG

Static Python call graph generator

call-graphs callgraph program-analysis pycg python static-analysis

Last synced: 26 Oct 2024

https://github.com/nickng/dingo-hunter

Static analyser for finding Deadlocks in Go

concurrency deadlock-detection golang research static-analysis

Last synced: 31 Dec 2024

https://github.com/timakin/bodyclose

Analyzer: checks whether HTTP response body is closed and a re-use of TCP connection is not blocked.

code-analysis go golang http linter linter-plugin request static-analysis

Last synced: 02 Jan 2025

https://github.com/arizvisa/ida-minsc

A plugin based on IDAPython for a functional DWIM interface. Current development against most recent IDA is in the "persistence-refactor" branch, ancient (but stable) work is in "master", so... create an issue if you want/need something backported. Use "Wiki" or "Discussions" for examples, and smash that "Star" button if you like this.

arm arm64 hamsters ida-plugin ida-pro idapro idapython mips notanothercollaborationpllugin python reverse-engineering static-analysis x86 x86-64

Last synced: 26 Oct 2024

https://github.com/0x0be/PEpper

An open source script to perform malware static analysis on Portable Executable

malware malware-analysis python3 static-analysis

Last synced: 03 Nov 2024

https://github.com/0xor0ne/debugoff

Linux anti-debugging and anti-analysis rust library

anti-analysis anti-debugging antianalysis antidebug antidebugging debugging dynamic-analysis obfuscation rust static-analysis

Last synced: 03 Jan 2025

https://github.com/psalm/psalm-plugin-laravel

A Psalm plugin for Laravel

laravel looking-for-maintainer php php-static-analysis psalm psalm-plugin static-analysis

Last synced: 26 Sep 2024

https://github.com/yegor256/qulice

Quality Police for Java projects: aggregator of Checkstyle and PMD

checkstyle checkstyle-plugin java maven pmd pmd-plugin quality static-analysis

Last synced: 02 Jan 2025

https://github.com/quora/pyanalyze

A Python type checker

linter python static-analysis typechecker types typing

Last synced: 17 Nov 2024

https://github.com/ckaznocha/protoc-gen-lint

A plug-in for Google's Protocol Buffers (protobufs) compiler to lint .proto files for style violations.

google-protocol-buffers lint linter plugin protobuf protocol-buffers static-analysis style-linter

Last synced: 29 Dec 2024

https://github.com/h311d1n3r/Cerberus

A C++ tool to unstrip Rust/Go binaries (ELF and PE)

linux reverse-engineering rust static-analysis

Last synced: 31 Oct 2024

https://github.com/fimbullinter/wotan

Pluggable TypeScript and JavaScript linter

best-practices code-analysis code-quality ecmascript extensible javascript linter static-analysis typescript

Last synced: 28 Oct 2024

https://github.com/seahorn/clam

Static Analyzer for LLVM bitcode based on Abstract Interpretation

abstract-interpretation invariants llvm program-analysis software-verification static-analysis

Last synced: 01 Jan 2025

https://github.com/szepeviktor/phpstan-wordpress

WordPress extensions for PHPStan ⛏️

phpstan phpstan-extension static-analysis wordpress

Last synced: 02 Jan 2025

https://github.com/styrainc/regal

Regal is a linter and language server for Rego, bringing your policy development experience to the next level!

code-quality language-server linter lsp magnificent opa open-policy-agent policy-as-code rego static-analysis

Last synced: 01 Jan 2025

https://github.com/jetbrains/qodana-action

⚙️ Scan your Go, Java, Kotlin, PHP, Python, JavaScript, TypeScript, .NET projects at GitHub with Qodana. This repository contains Qodana for Azure, GitHub, CircleCI and Gradle

actions azure-extensions azure-pipelines code-quality code-review code-scanning devsecops dotnet github-actions go java javascript kotlin php python qodana sarif static-analysis static-code-analysis typescript