Awesome Open Source
Awesome Open Source
Application Programming Interfaces
Command Line Interface
Integrated Development Environments
Lists Of Projects
User Interface Components
Web User Interface
The Top 220 Static Analysis Open Source Projects
ShellCheck, a static analysis tool for shell scripts
Become A Software Engineer At Top Companies
Identify your strengths with a free online coding quiz, and skip resume and recruiter screens at multiple companies at once. It's free, confidential, includes a free flight and hotel, along with help to study to pass interviews and negotiate a high salary!
A PHP parser written in PHP
A static analyzer for Java, C, C++, and Objective-C
Php Cs Fixer
A tool to automatically fix PHP Coding Standards issues
PHP Static Analysis Tool - discover bugs in your code without running it!
PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
Static analysis tools for all programming languages, build tools, config files and more.
Vulnerability Static Analysis for Containers
Mobile Security Framework Mobsf
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Awesome Malware Analysis
Defund the Police.
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
🚦 An extensible linter for the TypeScript language
A static analysis security vulnerability scanner for Ruby on Rails applications
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Catch common Java mistakes as compile-time errors
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Awesome autocompletion, static analysis and refactoring library for python
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'what's in it' using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
A static code analysis tool for the Elixir language with a focus on code consistency and teaching.
Performant type-checking for python.
Golang security checker
Code smell detector for Ruby
Staticcheck - The advanced Go linter
A static analysis tool for finding errors in PHP applications
Eslint Plugin Vue
Official ESLint plugin for Vue.js
Useful CMake Examples
An extensible multilanguage static code analyzer.
static analysis of C/C++ code
It's not just a linter that annoys you!
A static type analyzer for Python code
🚀Optimizer for mobile applications
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
A Golang tool that does static analysis, unit testing, code review and generate code quality report.
Visualize call graph of a Go program using dot (Graphviz)
A Ruby code quality reporter
Mobileapp Pentest Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint.
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Php Static Analysis Tools
A reviewed list of useful PHP static analysis tools
⚗️ Adds static analysis to Laravel improving developer productivity and code quality
Code Climate CLI
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
Just Another Android App
An Android base app with loads of cool libraries/configuration NOT MAINTAINED
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS.
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Manage translation and localization with static analysis, for Ruby i18n
Soot - A Java optimization framework
nodejsscan is a static security code scanner for Node.js applications.
Find Sec Bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
🔒🌍 Static analysis powered security scanner for your terraform code
TypeScript Compiler API wrapper for static analysis and programmatic code changes.
A libre cross-platform disassembler.
Static analyzer for C/C++ based on the theory of Abstract Interpretation.
Binary Analysis Platform
A list of computer-science readings I recommend
Awesome Golang Security
Awesome Golang Security resources 🕶🔐
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Various code metrics for Python code
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification
PySonar2: an advanced semantic indexer for Python
Security-focused static analysis for the Phoenix Framework
A modern Java bytecode editor
Spoon is a metaprogramming library to analyze and transform Java source code (up to Java 14). 🥄 is made with ❤️, 🍻 and ✨. It parses source files to build a well-designed AST with powerful analysis and transformation API.
Php Language Server
PHP Implementation of the VS Code Language Server Protocol 🆚↔🖥
The official GitHub mirror of https://gitlab.com/pycqa/flake8
Docker image that provides static analysis tools for PHP
Static code analyzer for TypeScript
a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Awesome Go Linters
A curated list of awesome Go linters. More than 60 linters and tools!
Linting tool for CloudFormation templates
Awesome Python Security
Awesome Python Security resources 🕶🐍🔐
☕️ SonarSource Static Analyzer for Java Code Quality and Security
Andromeda - Interactive Reverse Engineering Tool for Android Applications
Phpcs Calisthenics Rules
Object Calisthenics rules for PHP_CodeSniffer
HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
The Felix Programming Language
Code style checking for RSpec files
Modern Cpp Template
A template for modern C++ projects using CMake, Clang-Format, CI, unit testing and more, with support for downstream inclusion.
A GitHub app to automatically review Python code style over Pull Requests
Static Analyzer for Solidity
Radare2 and Frida better together.
Next-gen phpDoc parser with support for intersection types and generics
Collection of small security tools created mostly in Python. CTFs, pentests and so on
🔐 A code style linter for Elixir
Emacs Lisp Static Analyzer
Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET
Static Value-Flow Analysis Framework for Source Code
IDAPython Made Easy
Code analyzer for C# and VB.NET projects https://redirect.sonarsource.com/plugins/vbnet.html
A LLVM-based static analysis framework.
A static analysis tool for Python that blurs the line between testing and type systems.
1-100 of 220 projects