static-analysis

ShellCheck, a static analysis tool for shell scripts

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

A tool to enforce Swift style and conventions.

A PHP parser written in PHP

A static analyzer for Java, C, C++, and Objective-C

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

A tool to automatically fix PHP Coding Standards issues

PHP Static Analysis Tool - discover bugs in your code without running it!

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

Useful CMake Examples

Vulnerability Static Analysis for Containers

Defund the Police.

Dockerfile linter, validate inline bash, written in Haskell

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

Continuous Inspection

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑