There are 13 repositories under static-analyzer topic.
Mirror kept for legacy. Moved to https://github.com/llvm/llvm-project
Beautiful and understandable static analysis tool for PHP
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
BinAbsInspector: Vulnerability Scanner for Binaries
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Next-gen phpDoc parser with support for intersection types and generics
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
cwe_checker finds vulnerable patterns in binary executables
SonarSource Static Analyzer for JavaScript and TypeScript
Code analyzer for C# and VB.NET projects
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Doctrine extensions for PHPStan
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Clang's scan-build re-implementation in python
eBPF verifier based on abstract interpretation
MATLAB Independent, Small & Safe, High Integrity Tools - code formatter and more
Smartian: Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses (ASE '21)
nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
Generic SAST Library
Nette Framework class reflection extension for PHPStan & framework-specific rules