staticanalysis
There are 1 repository under staticanalysis topic.
ajinabraham / njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Language:JavaScript 417policeman-tools / forbidden-apis
Policeman's Forbidden API Checker
Language:Java 359- lazytrivy
owenrumney / lazytrivy
Vulnerability scanning just got lazier
Language:Go 303 gostaticanalysis / skeleton
Tool: skeleton is create skeleton codes for golang.org/x/tools/go/analysis.
Language:Go 183krizzsk / HackersCave4StaticAndroidSec
A comprehensive resource for Android static analysis and vulnerability assessment. Tutorials, tools, and resources for identifying and mitigating security vulnerabilities in Android applications.
Generic SAST Library
Language:Python 132- Language:Go 96
Analyzer: nilerr checks returning nil when err is not nil
Language:Go 63sanposhiho / wastedassign
Go Linter: finds wasted assignment statements 🗑
Language:Go 38secure-software-engineering / TypeEvalPy
A Micro-benchmarking Framework for Python Type Inference Tools
Language:Python 38- Language:Go 31
Library: Utilities for x/tools/go/analysis package
Language:Go 29nodejsscan Github Action
Language:Dockerfile 28Analyzer: called is a analyzer which can find function calling
Language:Go 28- Language:Go 28
DasariJayanth / Malware-Detection-in-PE-files-using-Machine-Learning
Detecting Malware in PE files
Language:Jupyter Notebook 26- Language:Go 24
openscanhub / openscanhub
OpenScanHub is a service for static and dynamic analysis.
Language:Python 18ucr-riple / NullAwayAnnotator
A tool to help adapting code bases to NullAway type system.
Language:Java 17Analyzer: CommentMap utilities for static analysis in Go
Language:Go 12- Language:Shell 12
Analyzer: typednil finds a comparison between typed nil and untyped nil
Language:Go 10- Language:Go 9
dibsy / StaticAnalyzer
StaticAnalyzer is a burp plugin that can be used to perform static analysis of the response information from server during run time. It will search for specific words in the response that is mentioned in the vectors.txt
Language:Java 8Analyzer: wraperrfmt checks invalid arguments of xerrors.Errorf
Language:Go 8Analyzer: check for possible assigning package variables
Language:Go 6media-code / workspace
Extendible workspace configurator for Laravel to effortlessly keep linters, fixers, static analysis, CI workflows, editor integrations and more in sync across all your teams & projects
Language:PHP 5rtfeng / FlowdroidCG
A build well Android APK call graph generator
Language:Java 5- Language:C++ 5
Analyzer: notest checks either the package has test files
Language:Go 4CristianoRC / DeadSharp
DeadSharp is a static analysis tool that detects unused (dead) code in C# projects to improve quality and maintainability.
Language:C# 3DrakkLord / gradle-android-metric-plugin
Plugin for Android Studio that can collect and show code metric infromation from Gradle plugins, such as PMD, Checkstyle
Language:Java 3Analyzer: emptycase finds case statements with no body
Language:Go 3Analyzer: testhelper finds a package function which is not a test function and receives a value of *testing.T as a parameter but it does not call (*testing.T).Helper
Language:Go 3kevin-valerio / gogotrace
Reverse call-graph that traces all callers of a function by signature
Language:Go 3wala / MiniJar
MiniJar is a tool for jar reduction that uses WALA for static analysis of Java bytecode. See README.
Language:Java 3
