Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: static-analysis
checkstyle/checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Language: Java - Size: 143 MB - Last synced: 9 days ago - Pushed: 9 days ago - Stars: 8,138 - Forks: 3,633
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Language: JavaScript - Size: 1.33 GB - Last synced: 9 days ago - Pushed: 27 days ago - Stars: 16,345 - Forks: 3,116
rshipp/awesome-malware-analysis
Defund the Police.
Size: 596 KB - Last synced: 9 days ago - Pushed: 17 days ago - Stars: 11,074 - Forks: 2,492
ttroy50/cmake-examples
Useful CMake Examples
Language: CMake - Size: 541 KB - Last synced: 8 days ago - Pushed: 2 months ago - Stars: 11,961 - Forks: 2,473
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed in-house by security industry practitioners
Size: 7.03 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 7,949 - Forks: 2,346
OWASP/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Language: Python - Size: 396 MB - Last synced: 27 days ago - Pushed: about 1 month ago - Stars: 11,248 - Forks: 2,222
realm/SwiftLint
A tool to enforce Swift style and conventions.
Language: Swift - Size: 685 MB - Last synced: 1 day ago - Pushed: 2 days ago - Stars: 18,355 - Forks: 2,179
facebook/infer
A static analyzer for Java, C, C++, and Objective-C
Language: OCaml - Size: 176 MB - Last synced: about 16 hours ago - Pushed: about 16 hours ago - Stars: 14,730 - Forks: 1,997
SonarSource/sonarqube
Continuous Inspection
Language: Java - Size: 900 MB - Last synced: about 8 hours ago - Pushed: about 9 hours ago - Stars: 8,611 - Forks: 1,915
koalaman/shellcheck
ShellCheck, a static analysis tool for shell scripts
Language: Haskell - Size: 5.36 MB - Last synced: 9 days ago - Pushed: 16 days ago - Stars: 35,053 - Forks: 1,719
PHP-CS-Fixer/PHP-CS-Fixer
A tool to automatically fix PHP Coding Standards issues
Language: PHP - Size: 30.8 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 12,560 - Forks: 1,548
WerWolv/ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Language: C++ - Size: 36.6 MB - Last synced: about 14 hours ago - Pushed: about 20 hours ago - Stars: 33,110 - Forks: 1,545
squizlabs/PHP_CodeSniffer
PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
Language: PHP - Size: 193 MB - Last synced: 5 days ago - Pushed: about 1 month ago - Stars: 10,603 - Forks: 1,487
pmd/pmd
An extensible multilanguage static code analyzer.
Language: Java - Size: 450 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 4,649 - Forks: 1,451
danmar/cppcheck
static analysis of C/C++ code
Language: C++ - Size: 150 MB - Last synced: about 7 hours ago - Pushed: about 9 hours ago - Stars: 5,480 - Forks: 1,409
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
Language: Rust - Size: 40.2 MB - Last synced: 27 days ago - Pushed: 27 days ago - Stars: 12,801 - Forks: 1,324
tanprathan/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide a concise collection of high value information on specific mobile application penetration testing topics.
Size: 333 KB - Last synced: about 2 months ago - Pushed: 3 months ago - Stars: 4,356 - Forks: 1,213
quay/clair
Vulnerability Static Analysis for Containers
Language: Go - Size: 33.2 MB - Last synced: 14 days ago - Pushed: 14 days ago - Stars: 10,041 - Forks: 1,151
Konloch/bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Language: Java - Size: 618 MB - Last synced: 1 day ago - Pushed: 19 days ago - Stars: 14,364 - Forks: 1,130
pylint-dev/pylint
It's not just a linter that annoys you!
Language: Python - Size: 39 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 5,126 - Forks: 1,085
nikic/PHP-Parser
A PHP parser written in PHP
Language: PHP - Size: 7.24 MB - Last synced: 3 days ago - Pushed: 22 days ago - Stars: 16,849 - Forks: 1,082
bridgecrewio/checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Language: Python - Size: 80.9 MB - Last synced: about 12 hours ago - Pushed: about 13 hours ago - Stars: 6,566 - Forks: 1,048
crytic/slither
Static Analyzer for Solidity and Vyper
Language: Python - Size: 66 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 4,976 - Forks: 902
palantir/tslint 📦
🚥 An extensible linter for the TypeScript language
Language: TypeScript - Size: 14.4 MB - Last synced: about 7 hours ago - Pushed: about 3 years ago - Stars: 5,909 - Forks: 892
phpstan/phpstan
PHP Static Analysis Tool - discover bugs in your code without running it!
Language: PHP - Size: 4.7 GB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 12,521 - Forks: 857
astral-sh/ruff
An extremely fast Python linter and code formatter, written in Rust.
Language: Rust - Size: 41.4 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 24,921 - Forks: 797
detekt/detekt
Static code analysis for Kotlin
Language: Kotlin - Size: 113 MB - Last synced: 27 days ago - Pushed: 27 days ago - Stars: 6,010 - Forks: 752
google/error-prone
Catch common Java mistakes as compile-time errors
Language: Java - Size: 123 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 6,702 - Forks: 721
presidentbeef/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Language: Ruby - Size: 37.8 MB - Last synced: 8 days ago - Pushed: 10 days ago - Stars: 6,911 - Forks: 710
soot-oss/soot
Soot - A Java optimization framework
Language: Java - Size: 608 MB - Last synced: 3 days ago - Pushed: 9 days ago - Stars: 2,799 - Forks: 707
horsicq/Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Language: JavaScript - Size: 12.1 MB - Last synced: about 14 hours ago - Pushed: about 15 hours ago - Stars: 6,643 - Forks: 671
SonarSource/sonar-java
☕ SonarSource Static Analyzer for Java Code Quality and Security
Language: Java - Size: 61.8 MB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 1,088 - Forks: 661
vimeo/psalm
A static analysis tool for finding errors in PHP applications
Language: PHP - Size: 81.9 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 5,440 - Forks: 648
vuejs/eslint-plugin-vue
Official ESLint plugin for Vue.js
Language: JavaScript - Size: 4.83 MB - Last synced: 27 days ago - Pushed: about 1 month ago - Stars: 4,361 - Forks: 647
amilajack/reading
A list of computer-science readings I recommend
Size: 523 MB - Last synced: 27 days ago - Pushed: over 1 year ago - Stars: 2,847 - Forks: 645
securego/gosec
Go security checker
Language: Go - Size: 4.89 MB - Last synced: 20 days ago - Pushed: about 1 month ago - Stars: 7,434 - Forks: 580
SERG-Delft/jpacman
Pacman-inspired game, for teaching testing purposes. (>= v9.0.0)
Language: Java - Size: 545 KB - Last synced: 25 days ago - Pushed: almost 5 years ago - Stars: 5 - Forks: 577
didi/booster
🚀Optimizer for mobile applications
Language: Kotlin - Size: 11.3 MB - Last synced: 16 days ago - Pushed: 2 months ago - Stars: 4,776 - Forks: 570
spotbugs/spotbugs
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Language: Java - Size: 138 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 3,328 - Forks: 569
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Language: OCaml - Size: 74.9 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 9,668 - Forks: 556
aquasecurity/tfsec
Security scanner for your Terraform code
Language: Go - Size: 114 MB - Last synced: 2 days ago - Pushed: 4 days ago - Stars: 6,575 - Forks: 529
yinwang0/pysonar2
PySonar2: a semantic indexer for Python with interprocedural type inference
Language: Java - Size: 8.78 MB - Last synced: 3 months ago - Pushed: almost 2 years ago - Stars: 1,366 - Forks: 510
davidhalter/jedi
Awesome autocompletion, static analysis and refactoring library for python
Language: Python - Size: 12.6 MB - Last synced: 2 days ago - Pushed: 5 days ago - Stars: 5,679 - Forks: 498
anchore/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Language: Go - Size: 17.5 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 5,408 - Forks: 494
anchore/grype
A vulnerability scanner for container images and filesystems
Language: Go - Size: 4.29 MB - Last synced: 27 days ago - Pushed: 27 days ago - Stars: 7,586 - Forks: 485
find-sec-bugs/find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
Language: Java - Size: 7.35 MB - Last synced: 3 days ago - Pushed: 10 days ago - Stars: 2,207 - Forks: 463
dwisiswant0/apkleaks
Scanning APK file for URIs, endpoints & secrets.
Language: Python - Size: 96.7 KB - Last synced: 9 days ago - Pushed: 3 months ago - Stars: 4,600 - Forks: 455
Col-E/Recaf
The modern Java bytecode editor
Language: Java - Size: 53 MB - Last synced: 29 days ago - Pushed: 29 days ago - Stars: 5,524 - Forks: 433
facebook/pyre-check
Performant type-checking for python.
Language: OCaml - Size: 113 MB - Last synced: 19 days ago - Pushed: 19 days ago - Stars: 6,689 - Forks: 425
SVF-tools/SVF
Static Value-Flow Analysis Framework for Source Code
Language: C++ - Size: 17.9 MB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 1,305 - Forks: 417
rrrene/credo
A static code analysis tool for the Elixir language with a focus on code consistency and teaching.
Language: Elixir - Size: 4.89 MB - Last synced: 14 days ago - Pushed: 16 days ago - Stars: 4,842 - Forks: 408
reviewdog/reviewdog
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
Language: Go - Size: 4.1 MB - Last synced: about 21 hours ago - Pushed: 1 day ago - Stars: 7,400 - Forks: 395
ondrajz/go-callvis
Visualize call graph of a Go program using Graphviz
Language: Go - Size: 6.55 MB - Last synced: 18 days ago - Pushed: about 1 month ago - Stars: 5,732 - Forks: 391
hadolint/hadolint
Dockerfile linter, validate inline bash, written in Haskell
Language: Haskell - Size: 3.7 MB - Last synced: 27 days ago - Pushed: about 1 month ago - Stars: 9,665 - Forks: 389
semgrep/semgrep-rules
Semgrep rules registry
Language: Solidity - Size: 9.14 MB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 705 - Forks: 363
phan/phan
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Language: PHP - Size: 41.5 MB - Last synced: about 12 hours ago - Pushed: 5 days ago - Stars: 5,501 - Forks: 360
dominikh/go-tools
Staticcheck - The advanced Go linter
Language: Go - Size: 4.32 MB - Last synced: 2 days ago - Pushed: 16 days ago - Stars: 5,929 - Forks: 357
microsoft/ApplicationInspector
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Language: C# - Size: 20 MB - Last synced: 1 day ago - Pushed: 10 days ago - Stars: 4,176 - Forks: 351
Ericsson/codechecker
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
Language: Python - Size: 37.3 MB - Last synced: 25 days ago - Pushed: 25 days ago - Stars: 2,082 - Forks: 347
phpmd/phpmd
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as a user-friendly frontend application for the raw metrics stream measured by PHP Depend.
Language: PHP - Size: 6.86 MB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 2,291 - Forks: 345
INRIA/spoon
Spoon is a metaprogramming library to analyze and transform Java source code. 🥄 is made with ❤️, 🍻 and ✨. It parses source files to build a well-designed AST with powerful analysis and transformation API.
Language: Java - Size: 33.6 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 1,661 - Forks: 336
shivammathur/setup-php
GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and various tools.
Language: TypeScript - Size: 24.6 MB - Last synced: 10 days ago - Pushed: 12 days ago - Stars: 2,800 - Forks: 327
ajinabraham/nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
Language: CSS - Size: 5.28 MB - Last synced: 5 days ago - Pushed: 5 days ago - Stars: 2,326 - Forks: 323
shobrook/adrenaline
Instant answers to any programming question
Size: 127 MB - Last synced: 1 day ago - Pushed: 2 months ago - Stars: 3,717 - Forks: 311
llvm-mirror/clang-tools-extra 📦
Mirror kept for legacy. Moved to https://github.com/llvm/llvm-project
Language: C++ - Size: 16.5 MB - Last synced: 26 days ago - Pushed: over 4 years ago - Stars: 395 - Forks: 307
PyCQA/flake8
flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.
Language: Python - Size: 3.49 MB - Last synced: 3 days ago - Pushed: 11 days ago - Stars: 3,276 - Forks: 300
clj-kondo/clj-kondo
Static analyzer and linter for Clojure code that sparks joy
Language: Clojure - Size: 13.5 MB - Last synced: 9 days ago - Pushed: 11 days ago - Stars: 1,661 - Forks: 290
secure-software-engineering/FlowDroid
FlowDroid Static Data Flow Tracker
Language: Java - Size: 55.3 MB - Last synced: 10 days ago - Pushed: 15 days ago - Stars: 1,000 - Forks: 287
uber/NullAway
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Language: Java - Size: 4.91 MB - Last synced: 2 days ago - Pushed: 6 days ago - Stars: 3,531 - Forks: 283
troessner/reek
Code smell detector for Ruby
Language: Ruby - Size: 5.69 MB - Last synced: 3 days ago - Pushed: about 1 month ago - Stars: 3,980 - Forks: 279
anchore/anchore-engine 📦
A service that analyzes docker images and scans for vulnerabilities
Language: Python - Size: 178 MB - Last synced: 6 days ago - Pushed: over 1 year ago - Stars: 1,568 - Forks: 274
jenkinsci/warnings-ng-plugin
Jenkins Warnings Plugin - Next Generation
Language: Java - Size: 26 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 327 - Forks: 273
BinaryAnalysisPlatform/bap
Binary Analysis Platform
Language: OCaml - Size: 8.07 MB - Last synced: 5 days ago - Pushed: 6 days ago - Stars: 1,986 - Forks: 271
qax-os/goreporter
A Golang tool that does static analysis, unit testing, code review and generates a code quality report.
Language: Go - Size: 28.9 MB - Last synced: about 10 hours ago - Pushed: over 5 years ago - Stars: 3,109 - Forks: 269
rubocop/rubocop-rspec
Code style checking for RSpec files
Language: Ruby - Size: 3.43 MB - Last synced: about 10 hours ago - Pushed: 5 days ago - Stars: 782 - Forks: 267
google/pytype
A static type analyzer for Python code
Language: Python - Size: 41 MB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 4,533 - Forks: 264
mgechev/revive
🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Language: Go - Size: 5.6 MB - Last synced: about 19 hours ago - Pushed: about 19 hours ago - Stars: 4,630 - Forks: 264
pylint-dev/astroid
A common base representation of python source code for pylint and other projects
Language: Python - Size: 15.7 MB - Last synced: 10 days ago - Pushed: 11 days ago - Stars: 510 - Forks: 261
dart-code-checker/dart-code-metrics 📦
Software analytics tool that helps developers analyse and improve software quality.
Language: Dart - Size: 25.9 MB - Last synced: 8 days ago - Pushed: 10 months ago - Stars: 857 - Forks: 254
SERG-Delft/jpacman-framework
Pacman-inspired game, for teaching testing purposes.
Language: Java - Size: 420 KB - Last synced: 25 days ago - Pushed: over 5 years ago - Stars: 119 - Forks: 254
glebm/i18n-tasks
Manage translation and localization with static analysis, for Ruby i18n
Language: Ruby - Size: 2.68 MB - Last synced: 27 days ago - Pushed: about 1 month ago - Stars: 2,015 - Forks: 252
exakat/php-static-analysis-tools
A reviewed list of useful PHP static analysis tools
Size: 184 KB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 2,795 - Forks: 250
sverweij/dependency-cruiser
Validate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.
Language: JavaScript - Size: 59.6 MB - Last synced: 27 days ago - Pushed: 27 days ago - Stars: 4,941 - Forks: 249
codeclimate/codeclimate
Code Climate CLI
Language: Ruby - Size: 1.59 MB - Last synced: 26 days ago - Pushed: about 1 month ago - Stars: 2,474 - Forks: 248
python-security/pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Language: Python - Size: 3.2 MB - Last synced: 29 days ago - Pushed: over 3 years ago - Stars: 2,163 - Forks: 238
SonarSource/sonar-dotnet
Code analyzer for C# and VB.NET projects
Language: C# - Size: 131 MB - Last synced: about 16 hours ago - Pushed: about 17 hours ago - Stars: 720 - Forks: 222
stackrox/kube-linter
KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
Language: Go - Size: 1.96 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 2,768 - Forks: 221
Tencent/HaboMalHunter
HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
Language: Python - Size: 1.92 MB - Last synced: 26 days ago - Pushed: about 1 year ago - Stars: 722 - Forks: 220
whitesmith/rubycritic
A Ruby code quality reporter
Language: Ruby - Size: 3.14 MB - Last synced: 8 days ago - Pushed: 25 days ago - Stars: 3,287 - Forks: 220
wala/WALA
T.J. Watson Libraries for Analysis, with frontends for Java, Android, and JavaScript, and many common static program analyses
Language: Java - Size: 57.5 MB - Last synced: 9 days ago - Pushed: 10 days ago - Stars: 725 - Forks: 218
scalastyle/scalastyle
scalastyle
Language: Scala - Size: 1.63 MB - Last synced: 3 days ago - Pushed: over 1 year ago - Stars: 677 - Forks: 216
JustasMasiulis/lazy_importer
library for importing functions from dlls in a hidden, reverse engineer unfriendly way
Language: C++ - Size: 93.8 KB - Last synced: 3 months ago - Pushed: 9 months ago - Stars: 1,427 - Forks: 216
stelligent/cfn_nag
Linting tool for CloudFormation templates
Language: Ruby - Size: 1.43 MB - Last synced: 5 days ago - Pushed: 9 months ago - Stars: 1,223 - Forks: 207
filipdutescu/modern-cpp-template
A template for modern C++ projects using CMake, Clang-Format, CI, unit testing and more, with support for downstream inclusion.
Language: CMake - Size: 373 KB - Last synced: about 1 month ago - Pushed: about 2 months ago - Stars: 1,598 - Forks: 203
advanced-security/demo-java
GitHub Advanced Security scanning tutorial repository for Java
Language: Java - Size: 3.89 MB - Last synced: 27 days ago - Pushed: about 2 months ago - Stars: 6 - Forks: 201
pascal-lab/Tai-e-assignments
Tai-e assignments for static program analysis
Language: Java - Size: 28.4 MB - Last synced: 6 months ago - Pushed: over 1 year ago - Stars: 924 - Forks: 198
dsherret/ts-morph
TypeScript Compiler API wrapper for static analysis and programmatic code changes.
Language: TypeScript - Size: 27.6 MB - Last synced: 27 days ago - Pushed: 2 months ago - Stars: 4,551 - Forks: 187
felixfbecker/php-language-server
PHP Implementation of the VS Code Language Server Protocol 🆚↔🖥
Language: PHP - Size: 1.92 MB - Last synced: 24 days ago - Pushed: 12 months ago - Stars: 1,141 - Forks: 185
jenkinsci/analysis-model
A library to read static analysis reports into a Java object model
Language: Java - Size: 12.5 MB - Last synced: 9 days ago - Pushed: 10 days ago - Stars: 83 - Forks: 180
noidsirius/SootTutorial
A step-by-step tutorial for Soot (a Java static analysis framework)
Language: Java - Size: 5.68 MB - Last synced: 8 days ago - Pushed: over 1 year ago - Stars: 408 - Forks: 176