static-analyzer
There are 13 repositories under static-analyzer topic.
- Language:PHP 12580
llvm-mirror / clang
Mirror kept for legacy. Moved to https://github.com/llvm/llvm-project
Language:C++ 3037- embaLanguage:Shell 2446
- PhpMetrics
phpmetrics / PhpMetrics
Beautiful and understandable static analysis tool for PHP
Language:PHP 2436 phpmd / phpmd
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
Language:PHP 2292Ericsson / codechecker
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
Language:Python 2109KeenSecurityLab / BinAbsInspector
BinAbsInspector: Vulnerability Scanner for Binaries
Language:Java 1521kalessil / phpinspectionsea
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Language:Java 1428- Language:Java 1398
- Language:C++ 1308
phpstan / phpdoc-parser
Next-gen phpDoc parser with support for intersection types and generics
Language:PHP 1247SonarSource / sonar-java
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
Language:Java 1089fkie-cad / cwe_checker
cwe_checker finds vulnerable patterns in binary executables
Language:Rust 1061SonarSource Static Analyzer for JavaScript and TypeScript
Language:TypeScript 998Code analyzer for C# and VB.NET projects
Language:C# 720- APKHunt
Cyber-Buddy / APKHunt
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Language:Go 698 alexkohler / prealloc
prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
Language:Go 627- Language:Haskell 559
Doctrine extensions for PHPStan
Language:PHP 558insidersec / insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Language:Go 488mchalupa / dg
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Language:C++ 467ajinabraham / njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Language:JavaScript 351- Language:Rust 350
rizsotto / scan-build
Clang's scan-build re-implementation in python
Language:Python 347vbpf / ebpf-verifier
eBPF verifier based on abstract interpretation
Language:C++ 345- Language:Scala 272
- Language:Java 252
- Language:Java 187
- opemLanguage:Python 185
florianschanda / miss_hit
MATLAB Independent, Small & Safe, High Integrity Tools - code formatter and more
Language:Python 148SoftSec-KAIST / Smartian
Smartian: Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses (ASE '21)
Language:F# 132- Language:Python 127
nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
Language:Go 125- Language:OCaml 120
Generic SAST Library
Language:Python 119Nette Framework class reflection extension for PHPStan & framework-specific rules
Language:PHP 100
