GitHub topics: static-analysis
soot-oss/SootUp
A new version of Soot with a completely overhauled architecture
Language: Java - Size: 311 MB - Last synced at: about 2 hours ago - Pushed at: about 2 hours ago - Stars: 708 - Forks: 92

shivammathur/setup-php
GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and various tools.
Language: TypeScript - Size: 25.7 MB - Last synced at: about 2 hours ago - Pushed at: about 2 hours ago - Stars: 3,076 - Forks: 383

NoLongerHumanHQ/Rule-Based-Code-Review_Assistant
The Rule-Based Code Review Assistant is an automated tool designed to streamline the code review process by applying predefined rules and best practices to analyze code quality, style, and potential issues. This assistant helps development teams maintain consistent coding standards and catch common problems before they reach production.
Language: Python - Size: 35.2 KB - Last synced at: about 2 hours ago - Pushed at: about 4 hours ago - Stars: 0 - Forks: 0

felipebz/flr
A lightweight Java library which provides everything required to analyse any piece of source code.
Language: Kotlin - Size: 7.08 MB - Last synced at: about 2 hours ago - Pushed at: about 4 hours ago - Stars: 1 - Forks: 1

Privado-Inc/privado
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
Language: Python - Size: 29.6 MB - Last synced at: about 4 hours ago - Pushed at: about 6 hours ago - Stars: 604 - Forks: 65

Col-E/Recaf
The modern Java bytecode editor
Language: Java - Size: 57.2 MB - Last synced at: about 8 hours ago - Pushed at: about 9 hours ago - Stars: 6,551 - Forks: 496

data-apis/array-api-typing
Static typing support for the array API standard
Language: Python - Size: 106 KB - Last synced at: about 8 hours ago - Pushed at: about 10 hours ago - Stars: 17 - Forks: 5

wikimedia/mediawiki-tools-phan-SecurityCheckPlugin
Mirror of https://gerrit.wikimedia.org/g/mediawiki/tools/phan/SecurityCheckPlugin See https://www.mediawiki.org/wiki/Developer_access for contributing
Language: PHP - Size: 2.94 MB - Last synced at: about 9 hours ago - Pushed at: about 11 hours ago - Stars: 26 - Forks: 4

ise-uiuc/KNighter
Automatic checker synthesis for system-level static analysis
Language: C++ - Size: 8.24 MB - Last synced at: about 12 hours ago - Pushed at: about 12 hours ago - Stars: 26 - Forks: 4

WerWolv/ImHex
A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Language: C++ - Size: 44.9 MB - Last synced at: about 11 hours ago - Pushed at: about 13 hours ago - Stars: 49,891 - Forks: 2,197

nikic/PHP-Parser
A PHP parser written in PHP
Language: PHP - Size: 7.55 MB - Last synced at: about 14 hours ago - Pushed at: about 15 hours ago - Stars: 17,307 - Forks: 1,111

nowsecure/r2frida
Radare2 and Frida better together.
Language: TypeScript - Size: 2.87 MB - Last synced at: about 17 hours ago - Pushed at: about 19 hours ago - Stars: 1,294 - Forks: 130

pylint-dev/astroid
A common base representation of python source code for pylint and other projects
Language: Python - Size: 16.8 MB - Last synced at: about 19 hours ago - Pushed at: about 19 hours ago - Stars: 552 - Forks: 299

RalfKoban/MiKo-Analyzers
Provides analyzers that are based on the .NET Compiler Platform.
Language: C# - Size: 15.5 MB - Last synced at: about 19 hours ago - Pushed at: about 20 hours ago - Stars: 13 - Forks: 2

checkstyle/checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Language: Java - Size: 195 MB - Last synced at: about 19 hours ago - Pushed at: about 19 hours ago - Stars: 8,639 - Forks: 3,839

safedep/vet
Protect against malicious open source packages
Language: Go - Size: 12.6 MB - Last synced at: about 20 hours ago - Pushed at: about 22 hours ago - Stars: 605 - Forks: 59

palantir/tslint
:vertical_traffic_light: An extensible linter for the TypeScript language
Language: TypeScript - Size: 14.4 MB - Last synced at: about 12 hours ago - Pushed at: over 4 years ago - Stars: 5,911 - Forks: 883

bridgecrewio/checkov-action
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Language: HCL - Size: 889 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 276 - Forks: 111

PHP-CS-Fixer/PHP-CS-Fixer
A tool to automatically fix PHP Coding Standards issues
Language: PHP - Size: 34.7 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 13,281 - Forks: 1,609

jameslamb/pydistcheck
Linter that finds portability issues in Python package distributions (wheels, sdists, conda packages).
Language: Python - Size: 1.46 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 42 - Forks: 4

haarish-v/code-lingo
Code Lingo: A sleek command-line tool that generates human-readable summaries of your Python code's structure (including imports, functions, classes, and public methods) using Python's built-in AST parser. Perfect for quickly understanding unfamiliar codebases or reviewing your own.
Language: Python - Size: 12.7 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

mbj/mutant
Automated code reviews via mutation testing - semantic code coverage.
Language: Ruby - Size: 5.53 MB - Last synced at: about 6 hours ago - Pushed at: about 1 month ago - Stars: 1,980 - Forks: 156

ast-grep/ast-grep
A CLI tool for code structural search, lint and rewriting. Written in Rust
Language: Rust - Size: 7.51 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 9,360 - Forks: 247

INRIA/spoon
Spoon is a metaprogramming library to analyze and transform Java source code. :spoon: is made with :heart:, :beers: and :sparkles:. It parses source files to build a well-designed AST with powerful analysis and transformation API.
Language: Java - Size: 34.6 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1,839 - Forks: 361

semgrep/semgrep-rules
Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
Language: HCL - Size: 9.65 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 948 - Forks: 453

phan/phan
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Language: PHP - Size: 42.7 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 5,574 - Forks: 371

realm/SwiftLint
A tool to enforce Swift style and conventions.
Language: Swift - Size: 930 MB - Last synced at: 1 day ago - Pushed at: 9 days ago - Stars: 19,096 - Forks: 2,262

protectai/vulnhuntr
Zero shot vulnerability discovery using LLMs
Language: Python - Size: 119 KB - Last synced at: about 16 hours ago - Pushed at: 6 months ago - Stars: 1,876 - Forks: 202

horsicq/Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Language: JavaScript - Size: 18.2 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 9,062 - Forks: 823

SonarSource/SonarJS
SonarSource Static Analyzer for JavaScript and TypeScript
Language: TypeScript - Size: 84.3 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 1,128 - Forks: 188

henryhchchc/mokapot
A library for analyzing and manipulating JVM bytecode
Language: Rust - Size: 1.36 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 21 - Forks: 3

orhun/binsider
Analyze ELF binaries like a boss
Language: Rust - Size: 19 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 3,339 - Forks: 79

carlosas/phpat
PHP Architecture Tester - Easy architecture testing for PHP
Language: PHP - Size: 4.31 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 1,190 - Forks: 56

staabm/staabm.github.io
Personal blog, about my open source activities.
Language: HTML - Size: 26.8 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 7 - Forks: 2

glebm/i18n-tasks
Manage translation and localization with static analysis, for Ruby i18n
Language: Ruby - Size: 2.91 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 2,127 - Forks: 274

green-code-initiative/creedengo-rules-specifications
Reduce the environmental footprint of your software programs with SonarQube
Language: Java - Size: 5.88 MB - Last synced at: about 3 hours ago - Pushed at: 4 days ago - Stars: 202 - Forks: 105

mfvanek/pg-index-health
pg-index-health is an embeddable schema linter for PostgreSQL that detects common anti-patterns and promotes best practices.
Language: Java - Size: 3.6 MB - Last synced at: about 23 hours ago - Pushed at: 1 day ago - Stars: 170 - Forks: 19

acanda/code-analysis-maven-plugin
Coan is a code analysis Maven plugin that runs Checkstyle and PMD and generates a single page HTML report.
Language: Java - Size: 494 KB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 3 - Forks: 0

future-architect/eslint-plugin-vue-scoped-css
ESLint plugin for Scoped CSS in Vue.js
Language: TypeScript - Size: 2.67 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 109 - Forks: 13

facebook/infer
A static analyzer for Java, C, C++, and Objective-C
Language: OCaml - Size: 192 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 15,307 - Forks: 2,038

SonarSource/sonarqube-webapp
SonarQube Community Build Web App
Language: TypeScript - Size: 75.7 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 6 - Forks: 5

detekt/detekt
Static code analysis for Kotlin
Language: Kotlin - Size: 153 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 6,622 - Forks: 805

meziantou/Meziantou.Analyzer
A Roslyn analyzer to enforce some good practices in C#.
Language: C# - Size: 2.55 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 1,028 - Forks: 57

jspecify/jspecify
An artifact of fully-specified annotations to power static-analysis checks, beginning with nullness analysis.
Language: Java - Size: 7.12 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 789 - Forks: 33

szepeviktor/phpstan-wordpress
WordPress extensions for PHPStan
Language: PHP - Size: 447 KB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 300 - Forks: 28

facebook/pyre-check
Performant type-checking for python.
Language: OCaml - Size: 483 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 7,061 - Forks: 453

iris-sast/iris
A neurosymbolic framework for vulnerability detection in code
Language: Python - Size: 2.58 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 183 - Forks: 25

soot-oss/soot
Soot - A Java optimization framework
Language: Java - Size: 873 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 2,997 - Forks: 720

Da-Buche/skill-sharp
Cadence SKILL++ Enhanced Framework
Language: Scheme - Size: 229 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1 - Forks: 0

jenkinsci/warnings-ng-plugin
Jenkins Warnings Plugin - Next Generation
Language: Java - Size: 27.1 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 346 - Forks: 283

tokiwa-software/fuzion
The Fuzion Language Implementation
Language: Java - Size: 22.5 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 54 - Forks: 12

jenkinsci/analysis-model
A library to read static analysis reports into a Java object model
Language: Java - Size: 13.5 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 85 - Forks: 189

0xor0ne/debugoff
Linux anti-debugging and anti-analysis rust library
Language: Rust - Size: 823 KB - Last synced at: 2 days ago - Pushed at: over 2 years ago - Stars: 319 - Forks: 25

muslchn/temperature-conversion
CLI app for converting Celsius to Fahrenheit and Réaumur, with location logging, temperature classification, and clean Go architecture.
Language: Go - Size: 6.84 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 0 - Forks: 0

exakat/php-static-analysis-tools
A reviewed list of useful PHP static analysis tools
Size: 216 KB - Last synced at: 2 days ago - Pushed at: 6 months ago - Stars: 2,861 - Forks: 248

reviewdog/reviewdog
Automated code review tool integrated with any code analysis tools regardless of programming language
Language: Go - Size: 5.15 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 8,561 - Forks: 453

tiobe/JuliaCheck.jl
Code checker for Julia language
Language: Julia - Size: 364 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 0 - Forks: 0

dwisiswant0/apkleaks
Scanning APK file for URIs, endpoints & secrets.
Language: Python - Size: 115 KB - Last synced at: 1 day ago - Pushed at: 4 months ago - Stars: 5,379 - Forks: 533

SeanPesce/JSRETK
JavaScript Reverse Engineering Toolkit (JSRETK) - Experimental tools for analyzing (minified/obfuscated) JavaScript
Language: JavaScript - Size: 59.6 KB - Last synced at: 3 days ago - Pushed at: 7 months ago - Stars: 59 - Forks: 5

ericcornelissen/js-regex-security-scanner
A static analyzer to scan JavaScript code for problematic regular expressions.
Language: JavaScript - Size: 2.02 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 8 - Forks: 2

SVF-tools/Software-Analysis-Studio
Teaching and Learning Software Analysis via SVF
Language: C++ - Size: 28.6 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 203 - Forks: 119

ftTower/Arachnida
Arachnida is a project consisting of two distinct tools, Spider and Scorpion, designed for web data processing, specifically image extraction and metadata analysis.
Language: Python - Size: 9.77 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 0 - Forks: 0

gmh5225/awesome-llvm-security
awesome llvm security [Welcome to PR]
Size: 423 KB - Last synced at: 1 day ago - Pushed at: about 1 month ago - Stars: 729 - Forks: 91

praetorian-inc/gokart
A static analysis tool for securing Go code
Language: Go - Size: 189 KB - Last synced at: 1 day ago - Pushed at: over 1 year ago - Stars: 2,176 - Forks: 106

bridgecrewio/checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Language: Python - Size: 90 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 7,761 - Forks: 1,216

thradams/cake
Cake a C23 front end and transpiler written in C
Language: C - Size: 109 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 608 - Forks: 29

presidentbeef/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Language: Ruby - Size: 40.3 MB - Last synced at: 3 days ago - Pushed at: 10 days ago - Stars: 7,130 - Forks: 753

wala/WALA
T.J. Watson Libraries for Analysis, with frontends for Java, Android, and JavaScript, and many common static program analyses
Language: Java - Size: 57.9 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 807 - Forks: 236

jpetrucciani/ruff-check
github action to run ruff on your repo
Language: Dockerfile - Size: 153 KB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 13 - Forks: 1

kubawerlos/php-cs-fixer-custom-fixers
A set of custom fixers for PHP CS Fixer
Language: PHP - Size: 2.59 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 231 - Forks: 23

z0mb13w4r/objtools
next-gen replacement for readelf, objdump and objcopy.
Language: C - Size: 682 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

secure-software-engineering/phasar
An LLVM-based static analysis framework.
Language: C++ - Size: 132 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 993 - Forks: 149

ossillate-inc/packj
Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
Language: Python - Size: 1.31 MB - Last synced at: about 4 hours ago - Pushed at: over 1 year ago - Stars: 666 - Forks: 34

carthage-software/mago
Mago is a toolchain for PHP that aims to provide a set of tools to help developers write better code.
Language: Rust - Size: 6.11 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 487 - Forks: 30

SVF-tools/Teaching-Software-Verification
Teaching and Learning Software Verification via SVF
Language: C++ - Size: 10.8 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 34 - Forks: 23

SVF-tools/Software-Security-Analysis
Static Analysis Course
Language: C++ - Size: 87.6 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 73 - Forks: 28

KeYProject/key
KeY Theorem Prover for Deductive Java Verification
Language: Java - Size: 215 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 60 - Forks: 36

hadolint/hadolint
Dockerfile linter, validate inline bash, written in Haskell
Language: Haskell - Size: 3.7 MB - Last synced at: 4 days ago - Pushed at: 13 days ago - Stars: 11,364 - Forks: 461

clj-kondo/clj-kondo
Static analyzer and linter for Clojure code that sparks joy
Language: Clojure - Size: 14.4 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 1,779 - Forks: 291

phpstan/phpstan-beberlei-assert
PHPStan extension for beberlei/assert
Language: PHP - Size: 154 KB - Last synced at: 2 days ago - Pushed at: 3 months ago - Stars: 43 - Forks: 12

SonarSource/sonarqube
Continuous Inspection
Language: Java - Size: 916 MB - Last synced at: 4 days ago - Pushed at: 5 days ago - Stars: 9,744 - Forks: 2,093

aviatesk/JET.jl
An experimental code analyzer for Julia. No need for additional type annotations.
Language: Julia - Size: 25.7 MB - Last synced at: 3 days ago - Pushed at: 13 days ago - Stars: 796 - Forks: 33

semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Language: OCaml - Size: 86.8 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 12,106 - Forks: 739

yonasBSD/sonarqube Fork of SonarSource/sonarqube
Continuous Inspection
Language: Java - Size: 847 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

HarvardPL/formulog
Datalog with support for SMT queries and first-order functional programming
Language: Java - Size: 2.93 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 159 - Forks: 10

microsoft/component-detection
Scans your project to determine what components you use
Language: C# - Size: 5.93 MB - Last synced at: 1 day ago - Pushed at: 4 days ago - Stars: 489 - Forks: 105

zizmorcore/zizmor
Static analysis for GitHub Actions
Language: Rust - Size: 2.41 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 2,841 - Forks: 96

ajinabraham/nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
Language: CSS - Size: 5.28 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 2,485 - Forks: 341

uhafner/autograding-gitlab-action
GitLab Action to autograde projects based on a configurable set of metrics
Language: Java - Size: 1.95 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 8 - Forks: 1

atlassian-labs/FSRT
A static analyzer for finding Forge app vulnerabilities
Language: Rust - Size: 1.22 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 9 - Forks: 7

qltysh/qlty
Code quality CLI for universal linting, auto-formatting, security scanning, and maintainability
Language: Rust - Size: 4.39 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 2,749 - Forks: 257

abaplint/abaplint
Standalone static analysis for ABAP
Language: TypeScript - Size: 73.9 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 237 - Forks: 76

uber/NullAway
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Language: Java - Size: 6.76 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 3,801 - Forks: 309

phpstan/phpdoc-parser
Next-gen phpDoc parser with support for intersection types and generics
Language: PHP - Size: 956 KB - Last synced at: 4 days ago - Pushed at: 15 days ago - Stars: 1,460 - Forks: 66

MonkeyProof-Solutions-BV/CC4M-githooks
Integration of CC4M - Code Checker for MATLAB - with GIT
Language: MATLAB - Size: 13.7 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 1 - Forks: 0

vercel/nft
Node.js dependency tracing utility
Language: JavaScript - Size: 4.38 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 1,465 - Forks: 155

elazarg/pythia
Pointer Analysis of CPython Bytecode using Abstract Interpretation
Language: Python - Size: 1.47 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 8 - Forks: 0

Ackee-Blockchain/wake
Wake is a Python-based Solidity development and testing framework with built-in vulnerability detectors
Language: Python - Size: 101 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 299 - Forks: 43

pascal-lab/Tai-e
An easy-to-learn/use static analysis framework for Java
Language: Java - Size: 12.3 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 1,605 - Forks: 180

pylint-dev/pylint
It's not just a linter that annoys you!
Language: Python - Size: 36.7 MB - Last synced at: 4 days ago - Pushed at: 6 days ago - Stars: 5,518 - Forks: 1,180
