ShellCheck, a static analysis tool for shell scripts
-
Updated
Aug 3, 2022 - Haskell
#
static-analysis
Here are 1,438 public repositories matching this topic...
A static analyzer for Java, C, C++, and Objective-C
-
Updated
Aug 8, 2022 - OCaml
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
android
java
bytecode
compiler
jsp
static-analysis
java-decompiler
decompiler
apk
war
smali
bytecode-viewer
dex2jar
fernflower
cfr
baksmali
procyon
recompiler
krakatau
-
Updated
Aug 5, 2022 - Java
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
python
rest
static-analysis
apk
owasp
dynamic-analysis
web-security
malware-analysis
mobsf
android-security
mobile-security
windows-mobile-security
ios-security
mobile-security-framework
api-testing
cwe
devsecops
runtime-security
mstg
masvs
-
Updated
Aug 4, 2022 - JavaScript
A tool to automatically fix PHP Coding Standards issues
-
Updated
Aug 8, 2022 - PHP
PHP Static Analysis Tool - discover bugs in your code without running it!
-
Updated
Aug 8, 2022 - Nunjucks
analysis
static-code-analysis
linter
static-analysis
awesome-list
code-quality
static-analyzers
sast
-
Updated
Aug 5, 2022 - Rust
PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
-
Updated
Aug 6, 2022 - PHP
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
android
ios
static-analysis
reverse-engineering
hacking
mobile-app
android-application
ios-app
dynamic-analysis
pentesting
mobile-security
network-analysis
hacktoberfest
reverse-enginnering
runtime-analysis
mstg
testing-cryptography
compliancy-checklist
-
Updated
Aug 5, 2022 - Python
Vulnerability Static Analysis for Containers
-
Updated
Aug 4, 2022 - Go
Defund the Police.
list
awesome
static-analysis
chinese
dynamic-analysis
awesome-list
malware-analysis
chinese-translation
malware-research
threat-sharing
threatintel
malware-samples
analysis-framework
automated-analysis
network-traffic
threat-intelligence
domain-analysis
malware-collection
drop-ice
-
Updated
Jul 20, 2022
Useful CMake Examples
unit-testing
cmake
tutorial
cpp
catch
boost
static-analysis
clang
cpack
cppcheck
clang-format
google-test
ctest
-
Updated
Aug 8, 2022 - CMake
Dockerfile linter, validate inline bash, written in Haskell
docker
dockerfile
haskell
linter
static-analysis
appveyor
travis
shellcheck
ignore-rules
dockerfile-linter
-
Updated
Aug 8, 2022 - Haskell
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
-
Updated
Aug 8, 2022 - Java
emjin
commented
Aug 1, 2022
Describe the bug
Patterns:
patterns:
- pattern-regex: hi
- pattern: ...Code:
# hi
a = [
# hi
1,
2,
3
]
"""
hi
"""Expects no matches, gets two.
To Reproduce
https://semgrep.dev/playground/s/enelli:confusion-2?editorMode=advanced
Expected behavior
Expect no matches.
The first match, with the array, i
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
security
security-audit
scanner
static-analysis
smart-contracts
hacking
penetration-testing
vulnerability
infosec
pentesting
database-vulnerability-scanners
vulnerabilities
malware-analysis
binary-analysis
information-security
exploitation-framework
vulnerability-scanners
wifi-security
hacker-tools
security-automation
security-tools
devsecops
apk-analysis
wifi-hacking
pentesting-tools
redteam-tools
code-analyzer
privacy-compliance
-
Updated
Aug 6, 2022
A static analysis security vulnerability scanner for Ruby on Rails applications
ruby
rails
security
security-audit
static-analysis
security-vulnerability
vulnerabilities
brakeman
security-tools
-
Updated
Aug 1, 2022 - Ruby
Golang security checker
-
Updated
Aug 8, 2022 - Go
Performant type-checking for python.
python
security
typechecker
static-analysis
ocaml
control-flow-analysis
code-quality
program-analysis
taint-analysis
abstract-interpretation
type-check
-
Updated
Aug 8, 2022 - OCaml
-
Updated
Mar 25, 2021 - TypeScript
Doarakko
commented
May 15, 2021
Many repositories need to fix, so please help if you like.
If you could help, it would be helpful if you could comment before starting the work not to overlapping.
Fix example
Run exit command after lint.
echo '::group:: Running golangci-lint with reviewdog 🐶 ...'
goPhan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
-
Updated
Aug 8, 2022 - PHP
Awesome autocompletion, static analysis and refactoring library for python
-
Updated
Jul 15, 2022 - Python
Staticcheck - The advanced Go linter
-
Updated
Aug 2, 2022 - Go
Security scanner for your Terraform code
go
aws
security
digitalocean
devops
ci
azure
terraform
scanner
linter
static-analysis
infrastructure-as-code
compliance
google-cloud-platform
vulnerability-scanners
devsecops
misconfiguration
terraform-security
-
Updated
Aug 4, 2022 - Go
AndrolGenhald
commented
Aug 3, 2022
I could have sworn there was a PHP warning for doing bitwise operations on floats, but apparently not... Do we want to add an issue for that to Psalm?
Originally posted by @AndrolGenhald in vimeo/psalm#7992 (comment)
Apparently it is a warning, but only if the float isn't exactly an integer: https://3v4l.org/kWXWH
https
Improve this page
Add a description, image, and links to the static-analysis topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the static-analysis topic, visit your repo's landing page and select "manage topics."
User @AnthonyMDev commented in #1674 about the lack of documentation around how SwiftLint merges nested configuration files. We should document the rules involved in config merging, either in our readme or a separate doc file.
This is a great possible "starter ticket" for users of SwiftLint that would like to contribute (😉 @AnthonyMDev). Looking at [Configuration+Merging.swift](https://github.c