Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: static-analysis
koalaman/shellcheck
ShellCheck, a static analysis tool for shell scripts
Language: Haskell - Size: 5.36 MB - Last synced: 9 days ago - Pushed: 16 days ago - Stars: 35,053 - Forks: 1,719
WerWolv/ImHex
A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Language: C++ - Size: 36.6 MB - Last synced: about 21 hours ago - Pushed: 1 day ago - Stars: 33,110 - Forks: 1,545
astral-sh/ruff
An extremely fast Python linter and code formatter, written in Rust.
Language: Rust - Size: 41.4 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 24,921 - Forks: 797
realm/SwiftLint
A tool to enforce Swift style and conventions.
Language: Swift - Size: 685 MB - Last synced: about 4 hours ago - Pushed: about 4 hours ago - Stars: 18,359 - Forks: 2,180
nikic/PHP-Parser
A PHP parser written in PHP
Language: PHP - Size: 7.24 MB - Last synced: 3 days ago - Pushed: 22 days ago - Stars: 16,849 - Forks: 1,082
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Language: JavaScript - Size: 1.33 GB - Last synced: 9 days ago - Pushed: 27 days ago - Stars: 16,345 - Forks: 3,116
facebook/infer
A static analyzer for Java, C, C++, and Objective-C
Language: OCaml - Size: 176 MB - Last synced: about 23 hours ago - Pushed: about 23 hours ago - Stars: 14,730 - Forks: 1,997
Konloch/bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Language: Java - Size: 618 MB - Last synced: 2 days ago - Pushed: 19 days ago - Stars: 14,364 - Forks: 1,130
analysis-tools-dev/static-analysis
A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
Language: Rust - Size: 40.2 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 12,801 - Forks: 1,324
PHP-CS-Fixer/PHP-CS-Fixer
A tool to automatically fix PHP Coding Standards issues
Language: PHP - Size: 30.8 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 12,560 - Forks: 1,548
phpstan/phpstan
PHP Static Analysis Tool - discover bugs in your code without running it!
Language: PHP - Size: 4.7 GB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 12,521 - Forks: 857
ttroy50/cmake-examples
Useful CMake Examples
Language: CMake - Size: 541 KB - Last synced: 8 days ago - Pushed: 2 months ago - Stars: 11,961 - Forks: 2,473
OWASP/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Language: Python - Size: 396 MB - Last synced: 28 days ago - Pushed: about 1 month ago - Stars: 11,248 - Forks: 2,222
rshipp/awesome-malware-analysis
Defund the Police.
Size: 596 KB - Last synced: 10 days ago - Pushed: 17 days ago - Stars: 11,074 - Forks: 2,492
squizlabs/PHP_CodeSniffer
PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
Language: PHP - Size: 193 MB - Last synced: 5 days ago - Pushed: about 1 month ago - Stars: 10,603 - Forks: 1,487
quay/clair
Vulnerability Static Analysis for Containers
Language: Go - Size: 33.2 MB - Last synced: 14 days ago - Pushed: 15 days ago - Stars: 10,041 - Forks: 1,151
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Language: OCaml - Size: 74.9 MB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 9,668 - Forks: 556
hadolint/hadolint
Dockerfile linter, validate inline bash, written in Haskell
Language: Haskell - Size: 3.7 MB - Last synced: 27 days ago - Pushed: about 2 months ago - Stars: 9,665 - Forks: 389
SonarSource/sonarqube
Continuous Inspection
Language: Java - Size: 900 MB - Last synced: about 15 hours ago - Pushed: about 16 hours ago - Stars: 8,611 - Forks: 1,915
checkstyle/checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Language: Java - Size: 143 MB - Last synced: 9 days ago - Pushed: 9 days ago - Stars: 8,138 - Forks: 3,633
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation
Size: 7.03 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 7,949 - Forks: 2,346
anchore/grype
A vulnerability scanner for container images and filesystems
Language: Go - Size: 4.29 MB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 7,586 - Forks: 485
securego/gosec
Go security checker
Language: Go - Size: 4.89 MB - Last synced: 20 days ago - Pushed: about 1 month ago - Stars: 7,434 - Forks: 580
reviewdog/reviewdog
Automated code review tool integrated with any code analysis tools regardless of programming language
Language: Go - Size: 4.16 MB - Last synced: about 4 hours ago - Pushed: about 11 hours ago - Stars: 7,402 - Forks: 394
presidentbeef/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
Language: Ruby - Size: 37.8 MB - Last synced: 9 days ago - Pushed: 11 days ago - Stars: 6,911 - Forks: 710
google/error-prone
Catch common Java mistakes as compile-time errors
Language: Java - Size: 123 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 6,702 - Forks: 721
facebook/pyre-check
Performant type-checking for python.
Language: OCaml - Size: 113 MB - Last synced: 19 days ago - Pushed: 19 days ago - Stars: 6,689 - Forks: 425
horsicq/Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
Language: JavaScript - Size: 12.1 MB - Last synced: about 21 hours ago - Pushed: about 22 hours ago - Stars: 6,643 - Forks: 671
aquasecurity/tfsec
Security scanner for your Terraform code
Language: Go - Size: 114 MB - Last synced: about 3 hours ago - Pushed: 4 days ago - Stars: 6,576 - Forks: 529
bridgecrewio/checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Language: Python - Size: 80.9 MB - Last synced: about 19 hours ago - Pushed: about 20 hours ago - Stars: 6,566 - Forks: 1,048
detekt/detekt
Static code analysis for Kotlin
Language: Kotlin - Size: 113 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 6,010 - Forks: 752
ast-grep/ast-grep
A CLI tool for code structural search, lint and rewriting. Written in Rust
Language: Rust - Size: 4.72 MB - Last synced: about 17 hours ago - Pushed: about 19 hours ago - Stars: 5,971 - Forks: 144
dominikh/go-tools
Staticcheck - The advanced Go linter
Language: Go - Size: 4.32 MB - Last synced: 2 days ago - Pushed: 17 days ago - Stars: 5,929 - Forks: 357
palantir/tslint
An extensible linter for the TypeScript language
Language: TypeScript - Size: 14.4 MB - Last synced: about 14 hours ago - Pushed: about 3 years ago - Stars: 5,909 - Forks: 892
ondrajz/go-callvis
Visualize call graph of a Go program using Graphviz
Language: Go - Size: 6.55 MB - Last synced: 18 days ago - Pushed: about 1 month ago - Stars: 5,732 - Forks: 391
davidhalter/jedi
Awesome autocompletion, static analysis and refactoring library for python
Language: Python - Size: 12.6 MB - Last synced: 3 days ago - Pushed: 5 days ago - Stars: 5,679 - Forks: 498
Col-E/Recaf
The modern Java bytecode editor
Language: Java - Size: 53 MB - Last synced: 29 days ago - Pushed: 30 days ago - Stars: 5,524 - Forks: 433
phan/phan
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Language: PHP - Size: 41.5 MB - Last synced: about 19 hours ago - Pushed: 5 days ago - Stars: 5,501 - Forks: 360
danmar/cppcheck
static analysis of C/C++ code
Language: C++ - Size: 150 MB - Last synced: about 14 hours ago - Pushed: about 16 hours ago - Stars: 5,480 - Forks: 1,409
vimeo/psalm
A static analysis tool for finding errors in PHP applications
Language: PHP - Size: 81.9 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 5,440 - Forks: 648
anchore/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Language: Go - Size: 17.5 MB - Last synced: 28 days ago - Pushed: 29 days ago - Stars: 5,408 - Forks: 494
pylint-dev/pylint
It's not just a linter that annoys you!
Language: Python - Size: 39 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 5,126 - Forks: 1,085
crytic/slither
Static Analyzer for Solidity and Vyper
Language: Python - Size: 66 MB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 4,976 - Forks: 902
sverweij/dependency-cruiser
Validate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.
Language: JavaScript - Size: 59.6 MB - Last synced: 27 days ago - Pushed: 28 days ago - Stars: 4,941 - Forks: 249
rrrene/credo
A static code analysis tool for the Elixir language with a focus on code consistency and teaching.
Language: Elixir - Size: 4.89 MB - Last synced: 14 days ago - Pushed: 16 days ago - Stars: 4,842 - Forks: 408
didi/booster
Optimizer for mobile applications
Language: Kotlin - Size: 11.3 MB - Last synced: 16 days ago - Pushed: 2 months ago - Stars: 4,776 - Forks: 570
pmd/pmd
An extensible multilanguage static code analyzer.
Language: Java - Size: 450 MB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 4,649 - Forks: 1,451
mgechev/revive
~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Language: Go - Size: 5.59 MB - Last synced: about 2 hours ago - Pushed: about 19 hours ago - Stars: 4,631 - Forks: 264
dwisiswant0/apkleaks
Scanning APK file for URIs, endpoints & secrets.
Language: Python - Size: 96.7 KB - Last synced: 10 days ago - Pushed: 3 months ago - Stars: 4,600 - Forks: 455
dsherret/ts-morph
TypeScript Compiler API wrapper for static analysis and programmatic code changes.
Language: TypeScript - Size: 27.6 MB - Last synced: 27 days ago - Pushed: 2 months ago - Stars: 4,551 - Forks: 187
google/pytype
A static type analyzer for Python code
Language: Python - Size: 41 MB - Last synced: 27 days ago - Pushed: 29 days ago - Stars: 4,533 - Forks: 264
vuejs/eslint-plugin-vue
Official ESLint plugin for Vue.js
Language: JavaScript - Size: 4.83 MB - Last synced: 27 days ago - Pushed: about 1 month ago - Stars: 4,361 - Forks: 647
tanprathan/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide a concise collection of high value information on specific mobile application penetration testing topics.
Size: 333 KB - Last synced: about 2 months ago - Pushed: 3 months ago - Stars: 4,356 - Forks: 1,213
microsoft/ApplicationInspector
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Language: C# - Size: 20 MB - Last synced: 1 day ago - Pushed: 11 days ago - Stars: 4,176 - Forks: 351
troessner/reek
Code smell detector for Ruby
Language: Ruby - Size: 5.69 MB - Last synced: 3 days ago - Pushed: about 1 month ago - Stars: 3,980 - Forks: 279
nikolaydubina/go-recipes
Tools for Go projects
Language: Go - Size: 20.2 MB - Last synced: 1 day ago - Pushed: 2 days ago - Stars: 3,829 - Forks: 143
shobrook/adrenaline
Instant answers to any programming question
Size: 127 MB - Last synced: about 5 hours ago - Pushed: 2 months ago - Stars: 3,716 - Forks: 311
uber/NullAway
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Language: Java - Size: 4.91 MB - Last synced: 2 days ago - Pushed: 6 days ago - Stars: 3,531 - Forks: 283
spotbugs/spotbugs
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
Language: Java - Size: 138 MB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 3,328 - Forks: 569
whitesmith/rubycritic
A Ruby code quality reporter
Language: Ruby - Size: 3.14 MB - Last synced: 9 days ago - Pushed: 25 days ago - Stars: 3,287 - Forks: 220
PyCQA/flake8
flake8 is a python tool that glues together pycodestyle, pyflakes, mccabe, and third-party plugins to check the style and quality of some python code.
Language: Python - Size: 3.49 MB - Last synced: 3 days ago - Pushed: 12 days ago - Stars: 3,276 - Forks: 300
qax-os/goreporter
A Golang tool that does static analysis, unit testing, code review and generate code quality report.
Language: Go - Size: 28.9 MB - Last synced: about 17 hours ago - Pushed: over 5 years ago - Stars: 3,109 - Forks: 269
amilajack/reading
A list of computer-science readings I recommend
Size: 523 MB - Last synced: 27 days ago - Pushed: over 1 year ago - Stars: 2,847 - Forks: 645
uber-go/nilaway
Static analysis tool to detect potential nil panics in Go code
Language: Go - Size: 820 KB - Last synced: about 6 hours ago - Pushed: about 7 hours ago - Stars: 2,808 - Forks: 52
shivammathur/setup-php
GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and various tools.
Language: TypeScript - Size: 24.6 MB - Last synced: 10 days ago - Pushed: 12 days ago - Stars: 2,800 - Forks: 327
soot-oss/soot
Soot - A Java optimization framework
Language: Java - Size: 608 MB - Last synced: 3 days ago - Pushed: 9 days ago - Stars: 2,799 - Forks: 707
exakat/php-static-analysis-tools
A reviewed list of useful PHP static analysis tools
Size: 184 KB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 2,795 - Forks: 250
stackrox/kube-linter
KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
Language: Go - Size: 1.96 MB - Last synced: 3 days ago - Pushed: 3 days ago - Stars: 2,768 - Forks: 221
codeclimate/codeclimate
Code Climate CLI
Language: Ruby - Size: 1.59 MB - Last synced: 26 days ago - Pushed: about 1 month ago - Stars: 2,474 - Forks: 248
ajinabraham/nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
Language: CSS - Size: 5.28 MB - Last synced: 5 days ago - Pushed: 5 days ago - Stars: 2,326 - Forks: 323
phpmd/phpmd
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as a user-friendly frontend application for the raw metrics stream measured by PHP Depend.
Language: PHP - Size: 6.86 MB - Last synced: 3 days ago - Pushed: 3 days ago - Stars: 2,291 - Forks: 345
find-sec-bugs/find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
Language: Java - Size: 7.35 MB - Last synced: about 3 hours ago - Pushed: 11 days ago - Stars: 2,207 - Forks: 463
praetorian-inc/gokart
A static analysis tool for securing Go code
Language: Go - Size: 189 KB - Last synced: 22 days ago - Pushed: 4 months ago - Stars: 2,168 - Forks: 112
python-security/pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Language: Python - Size: 3.2 MB - Last synced: 30 days ago - Pushed: over 3 years ago - Stars: 2,163 - Forks: 238
Ericsson/codechecker
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
Language: Python - Size: 37.3 MB - Last synced: 26 days ago - Pushed: 26 days ago - Stars: 2,082 - Forks: 347
glebm/i18n-tasks
Manage translation and localization with static analysis, for Ruby i18n
Language: Ruby - Size: 2.68 MB - Last synced: 27 days ago - Pushed: about 1 month ago - Stars: 2,015 - Forks: 252
mtshiba/pylyzer
A fast static code analyzer & language server for Python
Language: Rust - Size: 2.82 MB - Last synced: 10 days ago - Pushed: 12 days ago - Stars: 1,988 - Forks: 30
NASA-SW-VnV/ikos
Static analyzer for C/C++ based on the theory of Abstract Interpretation.
Language: C++ - Size: 5 MB - Last synced: 10 days ago - Pushed: about 1 month ago - Stars: 1,988 - Forks: 150
BinaryAnalysisPlatform/bap
Binary Analysis Platform
Language: OCaml - Size: 8.07 MB - Last synced: 5 days ago - Pushed: 7 days ago - Stars: 1,986 - Forks: 271
JoshuaKGoldberg/TypeStat
Converts JavaScript to TypeScript and TypeScript to better TypeScript.
Language: TypeScript - Size: 5.68 MB - Last synced: 9 days ago - Pushed: 11 days ago - Stars: 1,939 - Forks: 36
mbj/mutant
Automated code reviews via mutation testing - semantic code coverage.
Language: Ruby - Size: 5.49 MB - Last synced: 3 days ago - Pushed: 3 days ago - Stars: 1,926 - Forks: 150
guardrailsio/awesome-golang-security
Awesome Golang Security resources
Size: 40 KB - Last synced: about 14 hours ago - Pushed: over 1 year ago - Stars: 1,884 - Forks: 144
willcrichton/flowistry
Flowistry is an IDE plugin for Rust that helps you focus on relevant code.
Language: Rust - Size: 69.9 MB - Last synced: 23 days ago - Pushed: 3 months ago - Stars: 1,815 - Forks: 39
friendlyanon/cmake-init
The missing CMake project initializer
Language: CMake - Size: 2.78 MB - Last synced: 19 days ago - Pushed: 20 days ago - Stars: 1,811 - Forks: 69
Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Language: Go - Size: 22.7 MB - Last synced: 5 days ago - Pushed: 5 days ago - Stars: 1,749 - Forks: 81
clj-kondo/clj-kondo
Static analyzer and linter for Clojure code that sparks joy
Language: Clojure - Size: 13.5 MB - Last synced: 10 days ago - Pushed: 11 days ago - Stars: 1,661 - Forks: 290
INRIA/spoon
Spoon is a metaprogramming library to analyze and transform Java source code. :spoon: is made with :heart:, :beers: and :sparkles:. It parses source files to build a well-designed AST with powerful analysis and transformation API.
Language: Java - Size: 33.6 MB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 1,661 - Forks: 336
athkalia/Just-Another-Android-App
An Android base app with loads of cool libraries/configuration NOT MAINTAINED
Language: Java - Size: 2.13 MB - Last synced: about 1 month ago - Pushed: over 3 years ago - Stars: 1,622 - Forks: 174
nccgroup/sobelow
Security-focused static analysis for the Phoenix Framework
Language: Elixir - Size: 1.33 MB - Last synced: 3 days ago - Pushed: about 1 month ago - Stars: 1,613 - Forks: 91
filipdutescu/modern-cpp-template
A template for modern C++ projects using CMake, Clang-Format, CI, unit testing and more, with support for downstream inclusion.
Language: CMake - Size: 373 KB - Last synced: about 1 month ago - Pushed: about 2 months ago - Stars: 1,598 - Forks: 203
rubik/radon
Various code metrics for Python code
Language: Python - Size: 2.59 MB - Last synced: 21 days ago - Pushed: 2 months ago - Stars: 1,595 - Forks: 113
anchore/anchore-engine
A service that analyzes docker images and scans for vulnerabilities
Language: Python - Size: 178 MB - Last synced: 6 days ago - Pushed: over 1 year ago - Stars: 1,568 - Forks: 274
SamboyCoding/Cpp2IL
Work-in-progress tool to reverse unity's IL2CPP toolchain.
Language: C# - Size: 46.2 MB - Last synced: 3 days ago - Pushed: 12 days ago - Stars: 1,468 - Forks: 168
bytedance/appshark
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
Language: Kotlin - Size: 201 MB - Last synced: 3 days ago - Pushed: 4 months ago - Stars: 1,436 - Forks: 157
JustasMasiulis/lazy_importer
library for importing functions from dlls in a hidden, reverse engineer unfriendly way
Language: C++ - Size: 93.8 KB - Last synced: 3 months ago - Pushed: 9 months ago - Stars: 1,427 - Forks: 216
kalessil/phpinspectionsea
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
Language: Java - Size: 127 MB - Last synced: 23 days ago - Pushed: about 1 year ago - Stars: 1,426 - Forks: 118
das-labor/panopticon
A libre cross-platform disassembler.
Language: Rust - Size: 7.9 MB - Last synced: 3 days ago - Pushed: over 5 years ago - Stars: 1,422 - Forks: 86
yinwang0/pysonar2
PySonar2: a semantic indexer for Python with interprocedural type inference
Language: Java - Size: 8.78 MB - Last synced: 3 months ago - Pushed: almost 2 years ago - Stars: 1,366 - Forks: 510
SVF-tools/SVF
Static Value-Flow Analysis Framework for Source Code
Language: C++ - Size: 17.9 MB - Last synced: 1 day ago - Pushed: 2 days ago - Stars: 1,305 - Forks: 417
pascal-lab/Tai-e
An easy-to-learn/use static analysis framework for Java
Language: Java - Size: 12.1 MB - Last synced: 18 days ago - Pushed: 18 days ago - Stars: 1,238 - Forks: 157