ShellCheck, a static analysis tool for shell scripts
-
Updated
Apr 1, 2021 - Haskell
#
static-analysis
Here are 1,122 public repositories matching this topic...
A static analyzer for Java, C, C++, and Objective-C
-
Updated
Apr 9, 2021 - HTML
A tool to automatically fix PHP Coding Standards issues
-
Updated
Apr 11, 2021 - PHP
PHP Static Analysis Tool - discover bugs in your code without running it!
-
Updated
Apr 11, 2021 - PHP
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
python
rest
static-analysis
apk
owasp
dynamic-analysis
web-security
malware-analysis
mobsf
android-security
mobile-security
windows-mobile-security
ios-security
mobile-security-framework
api-testing
cwe
devsecops
runtime-security
mstg
masvs
-
Updated
Apr 10, 2021 - Python
PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
-
Updated
Apr 11, 2021 - PHP
A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
-
Updated
Apr 4, 2021 - Rust
Vulnerability Static Analysis for Containers
-
Updated
Apr 9, 2021 - Go
Defund the Police.
list
awesome
static-analysis
chinese
dynamic-analysis
awesome-list
malware-analysis
chinese-translation
malware-research
threat-sharing
threatintel
malware-samples
analysis-framework
automated-analysis
network-traffic
threat-intelligence
domain-analysis
malware-collection
drop-ice
-
Updated
Mar 18, 2021
A static analysis security vulnerability scanner for Ruby on Rails applications
ruby
rails
security
security-audit
static-analysis
security-vulnerability
vulnerabilities
brakeman
security-tools
-
Updated
Mar 18, 2021 - Ruby
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
-
Updated
Apr 11, 2021 - Java
-
Updated
Mar 25, 2021 - TypeScript
Performant type-checking for python.
python
security
typechecker
static-analysis
ocaml
control-flow-analysis
code-quality
program-analysis
taint-analysis
abstract-interpretation
type-check
-
Updated
Apr 10, 2021 - OCaml
Dockerfile linter, validate inline bash, written in Haskell
docker
dockerfile
haskell
linter
static-analysis
appveyor
travis
shellcheck
ignore-rules
dockerfile-linter
-
Updated
Apr 10, 2021 - Haskell
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
-
Updated
Mar 13, 2021 - PHP
Awesome autocompletion, static analysis and refactoring library for python
-
Updated
Feb 26, 2021 - Python
Useful CMake Examples
unit-testing
cmake
tutorial
cpp
catch
boost
static-analysis
clang
cpack
cppcheck
clang-format
google-test
ctest
-
Updated
Mar 18, 2021 - CMake
Golang security checker
-
Updated
Apr 1, 2021 - Go
A static analysis tool for finding errors in PHP applications
-
Updated
Apr 11, 2021 - PHP
A static code analysis tool for the Elixir language with a focus on code consistency and teaching.
-
Updated
Apr 9, 2021 - Elixir
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
detection
static-analysis
security-scanner
security-tools
software-characterization
application-inspector
-
Updated
Apr 6, 2021 - C#
Staticcheck - The advanced Go linter
-
Updated
Apr 10, 2021 - Go
Code smell detector for Ruby
-
Updated
Apr 7, 2021 - Ruby
simon-engledew
commented
Apr 1, 2021
Describe the bug
According to the SARIF spec, invocation should be the child of a run:
https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html#_Toc10540933
Currently build_sarif_output is nesting it at the root of the document, which is producing SARIF which does not conform to the specification:
static analysis of C/C++ code
-
Updated
Apr 11, 2021 - C++
privatenumber
commented
Mar 26, 2021
Improve this page
Add a description, image, and links to the static-analysis topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the static-analysis topic, visit your repo's landing page and select "manage topics."
Add 8.7 and 8.8 for android and ios: show how you can delay the attacker or report tampering to the backend as a response to a tamper detected
8.7: The app implements multiple mechanisms in each defense category (8.1 to 8.6). Note that resiliency scales with the amount, diversity of the originality of the mechanisms used.
8.8: The detection mechanisms trigger responses of different types, includ