static-analyzer
There are 150 repositories under static-analyzer topic.
phpstan/phpstan
PHP Static Analysis Tool - discover bugs in your code without running it!
llvm-mirror/clang
Mirror kept for legacy. Moved to https://github.com/llvm/llvm-project
e-m-b-a/emba
EMBA - The firmware security analyzer
phpmetrics/PhpMetrics
Beautiful and understandable static analysis tool for PHP
phpmd/phpmd
PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
Ericsson/codechecker
CodeChecker is an analyzer tooling, defect database and viewer extension for static and dynamic analyzer tools.
KeenSecurityLab/BinAbsInspector
BinAbsInspector: Vulnerability Scanner for Binaries
kalessil/phpinspectionsea
A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)
SVF-tools/SVF
Static Value-Flow Analysis Framework for Source Code
sleekbyte/tailor
Cross-platform static analyzer and linter for Swift.
phpstan/phpdoc-parser
Next-gen phpDoc parser with support for intersection types and generics
SonarSource/sonar-java
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
fkie-cad/cwe_checker
cwe_checker finds vulnerable patterns in binary executables
SonarSource/SonarJS
SonarSource Static Analyzer for JavaScript and TypeScript
SonarSource/sonar-dotnet
Code analyzer for C# and VB.NET projects
Cyber-Buddy/APKHunt
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
alexkohler/prealloc
prealloc is a Go static analysis tool to find slice declarations that could potentially be preallocated.
phpstan/phpstan-doctrine
Doctrine extensions for PHPStan
kowainik/stan
🕵️ Haskell STatic ANalyser
insidersec/insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
mchalupa/dg
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
BurtonQin/lockbud
Statically detect memory, concurrency bugs and possible panic locations for Rust.
vbpf/ebpf-verifier
eBPF verifier based on abstract interpretation
ajinabraham/njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
rizsotto/scan-build
Clang's scan-build re-implementation in python
cs-au-dk/TIP
Static program analysis for TIP
jborgers/sonar-pmd
☕️ PMD Plugin for SonarQube
ECSIM/opem
OPEM (Open Source PEM Fuel Cell Simulation Tool)
cs-au-dk/TAJS
Type Analyzer for JavaScript
florianschanda/miss_hit
MATLAB Independent, Small & Safe, High Integrity Tools - code formatter and more
SoftSec-KAIST/Smartian
Smartian: Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses (ASE '21)
foospidy/GrepBugs
A regex based source code scanner.
alexkohler/nakedret
nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
ajinabraham/libsast
Generic SAST Library
ropas/sparrow
The Sparrow Static Analyzer
integrated-application-development/sonar-delphi
Delphi language plugin for SonarQube