Static Analysis

#software-architecture#memory-safety#coding-guidelines

C++ Core GuidelinesCSS

A collaborative set of guidelines, rules, and best practices for writing modern, safe, and effective C++ code.

Stars44.9k

Forks5.5k

Last commit8 days ago

shellcheckHaskell

A static analysis tool that finds bugs, potential issues, and suggests improvements in bash/sh shell scripts.

#haskell#developer-tools#devops

Stars39.3k

Forks1.9k

Last commit20 days ago

ESLintJavaScript

A pluggable linting utility for identifying and reporting patterns in JavaScript and ECMAScript code.

#developer-tools#linter#static-code-analysis

Stars27.2k

Forks5.0k

#developer-tools#pluggable#linter

ESLintJavaScript

A pluggable linting utility for identifying and reporting patterns in JavaScript and ECMAScript code.

Stars27.2k

Forks5.0k

Mobile-Security-Framework MobSFJavaScript

An automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis, and security assessment framework.

#mobile-security#web-security#ios-security

Stars20.9k

Forks3.7k

How To Write a C# Analyzer and Code FixC#

Open-source C# and Visual Basic compilers with rich APIs for building code analysis tools.

#hacktoberfest#compiler#ide-extensions

Open-source implementation of C# and Visual Basic compilers with rich APIs for code analysis tools.

#hacktoberfest#compiler#open-source

A tool to enforce Swift style and conventions with over 200 rules, integrated into Xcode and CI/CD workflows.

#hacktoberfest#developer-tools#linter

Stars19.5k

Forks2.3k

Last commit5 days ago

golangci-lintGo

A fast Go linters runner that runs linters in parallel, uses caching, and includes over a hundred linters.

#developer-tools#linter#golangci-lint

Stars18.8k

Forks1.6k

Last commit3 days ago

tyPython

An extremely fast Python type checker and language server written in Rust, offering comprehensive diagnostics and IDE integration.

#developer-tools#language-server#ide-integration

Stars18.4k

Forks282

#code-manipulation#php#development-tools

PHP ParserPHP

A PHP parser written in PHP for static code analysis and manipulation via an abstract syntax tree (AST).

Stars17.4k

Forks1.1k

Last commit1 month ago

SourcetrailC++

A free, cross-platform interactive source explorer for navigating and understanding unfamiliar C, C++, Java, and Python code.

#developer-tools#source-code-explorer#java

Stars16.4k

Forks1.7k

Last commit4 years ago

TypeScript ESLintTypeScript

Monorepo for tooling that enables ESLint to support TypeScript, providing powerful static analysis for JavaScript and TypeScript.

#developer-tools#open-source#plugin

A static analyzer for Java, C, C++, and Objective-C that detects bugs and performance issues.

#objective-c#static-code-analysis#bug-detection

Stars15.6k

Forks2.1k

#bytecode-viewer#android-apk-analysis#apk-decompiler

Bytecode ViewerJava

A lightweight Java/Android reverse engineering suite with decompilers, disassemblers, and advanced analysis tools.

Stars15.5k

Forks1.2k

Last commit22 days ago

Static Analysis & Code QualityRust

A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more.

#hacktoberfest#developer-tools#linter

Stars14.5k

Forks1.5k

awesome-static-analysisRust

A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more.

#hacktoberfest#developer-tools#security-analysis

Stars14.5k

Forks1.5k

Awesome Static AnalysisRust

A curated directory of static analysis (SAST) tools and linters for all programming languages, config files, and build tools.

#hacktoberfest#developer-tools#linter

A static analysis tool for PHP that discovers bugs in your code without running it.

#developer-tools#static-code-analysis#php7

Stars13.9k

Forks950

Last commit1 day ago

Awesome Malware Analysis

A curated list of awesome malware analysis tools, resources, and related information for security professionals.

#digital-forensics#sandbox-analysis#malware-samples

Stars13.7k

Forks2.7k

Last commit1 year ago

Malware Analysis

A curated list of awesome malware analysis tools, resources, and related information for security professionals.

#malware-samples#honeypots#analysis-framework

Stars13.7k

Forks2.7k

Last commit1 year ago

ast-grepRust

A CLI tool for structural code search, linting, and rewriting using abstract syntax trees, written in Rust.

#developer-tools#linter#codemod

A tool that automatically fixes PHP code to follow coding standards and modernizes codebases.

#composer#automated-fixes#code-standards

Stars13.5k

Forks1.6k

#composer#developer-tools#code-standards

Code Style FixerPHP

A tool that automatically fixes PHP code to follow coding standards and modernizes codebases.

Stars13.5k

Forks1.6k

#rust-linter#developer-tools#lint

Rust-ClippyRust

A collection of over 800 lints to catch common mistakes and improve your Rust code.

Stars13.1k

Forks2.0k

Last commit3 days ago

RuboCopRuby

A Ruby static code analyzer and formatter that enforces the community Ruby style guide.

#hacktoberfest#developer-tools#code-formatter

A Ruby static code analyzer and formatter that enforces the community Ruby style guide.

#hacktoberfest#developer-tools#automated-fixes

Stars12.9k

Forks3.1k

Last commit3 days ago

OWASP Mobile Security Testing GuidePython

A comprehensive manual for mobile app security testing and reverse engineering, aligned with OWASP MASVS and MASWE.

#ios-app#runtime-analysis#mobile-security

Stars12.8k

Forks2.7k

#haskell#container-security#shellcheck

hadolintHaskell

A smarter Dockerfile linter that helps you build best practice Docker images by parsing the AST and linting inline Bash.

Haskell Dockerfile LinterHaskell

Forks491

Last commit7 days ago

A smarter Dockerfile linter that helps you build best practice Docker images by parsing the Dockerfile AST and linting inline bash.

#haskell#container-security#shellcheck

#container-security#vulnerability#sbom-analysis

Forks491

Last commit7 days ago

GrypeGo

A vulnerability scanner for container images, filesystems, and SBOMs to detect known security issues.

Forks788

#container-security#vulnerability#sbom-analysis

GrypeGo

A vulnerability scanner for container images, filesystems, and SBOMs to detect known security issues.

Forks788

#compiler#plugin-system#javascript-parser

AcornJavaScript

A tiny, fast JavaScript parser written entirely in JavaScript, designed for extensibility.

Stars11.4k

Forks1.0k

Last commit16 days ago

ClairGo

Open-source vulnerability static analysis tool for container images (OCI/Docker) via API-based indexing and matching.

#container-security#vulnerabilities#oci

Stars11.0k

Forks1.2k