Find Sec Bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Gosec | 7,094 | 669 | 5 days ago | 111 | May 17, 2023 | 28 | apache-2.0 | Go | ||
| Golang security checker | ||||||||||
| Brakeman | 6,741 |  | 5,984 | 120 | 10 days ago | 148 | July 20, 2023 | 101 | other | Ruby |
| A static analysis security vulnerability scanner for Ruby on Rails applications | ||||||||||
| Grype | 6,541 | 15 | 14 hours ago | 187 | August 03, 2023 | 221 | apache-2.0 | Go | ||
| A vulnerability scanner for container images and filesystems | ||||||||||
| Pyre Check | 6,477 |  | 23 | 22 | 21 hours ago | 76 | February 14, 2023 | 139 | mit | OCaml |
| Performant type-checking for python. | ||||||||||
| Tfsec | 6,258 | 16 | 11 days ago | 405 | October 25, 2022 | 13 | mit | Go | ||
| Security scanner for your Terraform code | ||||||||||
| Applicationinspector | 4,082 |  | 2 | 12 days ago | 47 | August 02, 2023 | 19 | mit | C# | |
| A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes. | ||||||||||
| Nodejsscan | 2,233 | 2 days ago | 6 | gpl-3.0 | CSS | |||||
| nodejsscan is a static security code scanner for Node.js applications. | ||||||||||
| Find Sec Bugs | 2,102 | 36 | 68 | a month ago | 21 | April 06, 2022 | 94 | lgpl-3.0 | Java | |
| The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects) | ||||||||||
| Gokart | 2,101 | 2 | 5 months ago | 9 | September 22, 2022 | 30 | apache-2.0 | Go | ||
| A static analysis tool for securing Go code | ||||||||||
| Pyt | 2,005 |  | 11 | 1 | 3 years ago | 15 | November 01, 2018 | 20 | gpl-2.0 | Python |
| A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications | ||||||||||
Alternatives To Find Sec BugsSelect To Compare
Alternative Project Comparisons
Readme
OWASP Find Security Bugs
Find Security Bugs is the SpotBugs plugin for security audits of Java web applications.
Website : http://find-sec-bugs.github.io/
Main developers
Notable contributions
-
David Formánek
- Major improvements and refactoring on the taint analysis for injections.
- The creation of a detector for hard coded passwords and cryptographic keys.
-
Tomáš Polešovský
- Improvements and bug fixes related to the taint analysis.
-
Maxime Nadeau
- New detectors surrounding the Play Framework and improvements related to Scala.
-
Naoki Kimura
- Detector for injection in custom API
- Translation of messages in Japanese
-
Dave Wichers
- Improvement to vulnerability descriptions
Project Sponsors
The development of Find Security Bugs is supported by GoSecure since 2016. The support includes the development of new detectors and the research for new vulnerability classes.
Screenshots
Eclipse
IntelliJ / Android Studio
SonarQube
License
This software is release under LGPL.
Popular Security Projects
Popular Static Analysis Projects
Popular Security Categories
Related Searches
Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Java
Kotlin
Security
Groovy
Bytecode
Static Analysis
Owasp
Code Analysis
Security Audit
Findbugs
Taint Analysis