| bof-detector |
19.e08367d |
A simple detector of BOF vulnerabilities by source-code-level check. |
|
| brakeman |
v5.4.1.r0.g0bc31d9fd |
A static analysis security vulnerability scanner for Ruby on Rails applications. |
|
| cflow |
1.7 |
A C program flow analyzer. |
|
| cppcheck |
2.10 |
A tool for static C/C++ code analysis |
|
| cpptest |
2.0.0 |
A portable and powerful, yet simple, unit testing framework for handling automated tests in C++. |
|
| detect-secrets |
v1.4.0.r4.g34f86b0 |
An enterprise friendly way of detecting and preventing secrets in code. |
|
| devaudit |
803.ca0a68e |
An open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams. |
|
| dscanner |
0.14.0 |
Swiss-army knife for D source code |
|
| flawfinder |
2.0.19 |
Searches through source code for potential security flaws |
|
| graudit |
606.44111c8 |
Grep rough source code auditing tool. |
|
| local-php-security-checker |
v2.0.6.r2.gef59356 |
A command line tool that checks your PHP application packages with known security vulnerabilities. |
|
| mosca |
130.a7e725d |
Static analysis tool to find bugs like a grep unix command. |
|
| njsscan |
0.3.1 |
A static application testing (SAST) tool that can find insecure code patterns in your node.js applications. |
|
| phpstan |
9076.01ce76a20 |
PHP Static Analysis Tool - discover bugs in your code without running it. |
|
| pscan |
1.3 |
A limited problem scanner for C source files |
|
| rats |
6.4ba54ce |
A rough auditing tool for security in source code files. |
|
| semgrep |
0.118.0 |
Lightweight static analysis for many languages. |
|
| shellcheck |
0.9.0 |
Shell script analysis tool |
|
| slither |
3364.776dcab44 |
Solidity static analysis framework written in Python 3. |
|
| snyk |
1.878.0 |
CLI and build-time tool to find and fix known vulnerabilities in open-source dependencies. |
|
| splint |
3.1.2.git20180129 |
A tool for statically checking C programs for security vulnerabilities and coding mistakes |
|
| spotbugs |
16957.73d952249 |
A tool for static analysis to look for bugs in Java code. |
|
| stoq |
769.8bfc78b |
An open source framework for enterprise level automated analysis. |
|
| tell-me-your-secrets |
v2.4.1.r0.g8d59fe3 |
Find secrets on any machine from over 120 Different Signatures. |
|
| trufflehog |
213.e9ac138 |
Searches through git repositories for high entropy strings, digging deep into commit history. |
|
| whispers |
2.1.5.r22.gf19feb5 |
Identify hardcoded secrets in static structured text. |
|
| wpbullet |
34.6185112 |
A static code analysis for WordPress (and PHP). |
|
| wscript |
201.0410be2 |
Emulator/tracer of the Windows Script Host functionality. |
|
| yasca |
2.1 |
Multi-Language Static Analysis Toolset. |
|