bof-detector |
19.e08367d |
A simple detector of BOF vulnerabilities by source-code-level check. |
|
brakeman |
v5.4.1.r0.g0bc31d9fd |
A static analysis security vulnerability scanner for Ruby on Rails applications. |
|
cflow |
1.7 |
A C program flow analyzer. |
|
cppcheck |
2.10 |
A tool for static C/C++ code analysis |
|
cpptest |
2.0.0 |
A portable and powerful, yet simple, unit testing framework for handling automated tests in C++. |
|
detect-secrets |
v1.4.0.r4.g34f86b0 |
An enterprise friendly way of detecting and preventing secrets in code. |
|
devaudit |
803.ca0a68e |
An open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams. |
|
dscanner |
0.14.0 |
Swiss-army knife for D source code |
|
flawfinder |
2.0.19 |
Searches through source code for potential security flaws |
|
graudit |
606.44111c8 |
Grep rough source code auditing tool. |
|
local-php-security-checker |
v2.0.6.r2.gef59356 |
A command line tool that checks your PHP application packages with known security vulnerabilities. |
|
mosca |
130.a7e725d |
Static analysis tool to find bugs like a grep unix command. |
|
njsscan |
0.3.1 |
A static application testing (SAST) tool that can find insecure code patterns in your node.js applications. |
|
phpstan |
9076.01ce76a20 |
PHP Static Analysis Tool - discover bugs in your code without running it. |
|
pscan |
1.3 |
A limited problem scanner for C source files |
|
rats |
6.4ba54ce |
A rough auditing tool for security in source code files. |
|
semgrep |
0.118.0 |
Lightweight static analysis for many languages. |
|
shellcheck |
0.9.0 |
Shell script analysis tool |
|
slither |
3364.776dcab44 |
Solidity static analysis framework written in Python 3. |
|
snyk |
1.878.0 |
CLI and build-time tool to find and fix known vulnerabilities in open-source dependencies. |
|
splint |
3.1.2.git20180129 |
A tool for statically checking C programs for security vulnerabilities and coding mistakes |
|
spotbugs |
16957.73d952249 |
A tool for static analysis to look for bugs in Java code. |
|
stoq |
769.8bfc78b |
An open source framework for enterprise level automated analysis. |
|
tell-me-your-secrets |
v2.4.1.r0.g8d59fe3 |
Find secrets on any machine from over 120 Different Signatures. |
|
trufflehog |
213.e9ac138 |
Searches through git repositories for high entropy strings, digging deep into commit history. |
|
whispers |
2.1.5.r22.gf19feb5 |
Identify hardcoded secrets in static structured text. |
|
wpbullet |
34.6185112 |
A static code analysis for WordPress (and PHP). |
|
wscript |
201.0410be2 |
Emulator/tracer of the Windows Script Host functionality. |
|
yasca |
2.1 |
Multi-Language Static Analysis Toolset. |
|