Static Analysis
Showing 36 of 663 projects
Visualize call graphs of Go programs using interactive Graphviz-based diagrams.
A PHPStan extension for Laravel that adds static code analysis to catch bugs and improve code quality.
A tool that generates a JSON compilation database for Clang-based tools by intercepting compiler calls during a build.
A static analysis framework for Solidity and Vyper smart contracts that detects vulnerabilities, enhances code comprehension, and enables custom analyses.
A tool that automatically reformats Java source code to comply with Google Java Style guidelines.
A tool to identify unused code in Swift projects, including advanced cases like redundant protocols and assign-only properties.
A Node.js style checker and lint tool for Markdown/CommonMark files to enforce consistency and standards.
A Java 1-25 parser and abstract syntax tree library with advanced analysis capabilities for source code manipulation.
A tool to scan APK files for URIs, endpoints, secrets, and sensitive data patterns.
An open-source tool that detects capabilities in executable files like malware, identifying behaviors such as backdoor installation or network communication.
An open-source tool that detects capabilities in executable files like malware, identifying behaviors such as backdoor installation or network communication.
An ESLint plugin to lint and validate ES2015+ import/export syntax, preventing issues with misspelling and module resolution.
An extensible static analysis tool that checks TypeScript code for readability, maintainability, and functionality errors.
A static analysis tool for finding errors and security vulnerabilities in PHP applications.
A pluggable linter for Terraform that finds errors, enforces best practices, and supports custom rules.
A copy/paste detector for source code that supports over 150 programming languages and formats.
A static analyzer for PHP that minimizes false positives by attempting to prove incorrectness rather than correctness.
A static analyzer for PHP that minimizes false positives by attempting to prove incorrectness rather than correctness.
Instant PHP quality checks from your console, analyzing code quality, architecture, and coding style.
A fast, small, safe, gradually typed embeddable scripting language derived from Lua, used by Roblox and game developers.
A Claude Code plugin marketplace providing AI-assisted skills for security research, vulnerability detection, and audit workflows.
A static analysis tool that finds security vulnerabilities and misconfigurations in GitHub Actions workflows.
A fast, configurable, extensible, and beautiful drop-in replacement for golint with custom rules and strict presets.
A free Chinese book teaching how to analyze and manipulate Go source code using its Abstract Syntax Tree (AST).
Bloaty is a size profiler for binaries that analyzes what's taking up space inside executable files.
An extensible multilanguage static code analyzer that finds common programming flaws and duplicated code across 20+ languages.
A template for modern C++ projects using CMake, CI, code coverage, clang-format, and reproducible dependency management.
A categorized collection of C++ resources covering analysis, debugging, performance, standardization, and more.
A static code analyzer that detects security and compliance violations in Infrastructure as Code before provisioning cloud infrastructure.
A static code analyzer that detects security and compliance violations in Infrastructure as Code before provisioning cloud infrastructure.
A comprehensive cheat sheet and tool collection for mobile application penetration testing, mapped to OWASP Mobile Top 10 risks.
A static code analysis tool for Elixir focusing on code consistency, refactoring opportunities, and teaching best practices.
A collection of external type annotations (stubs) for the Python standard library and third-party packages.
A lightweight, extensible quality optimization toolkit for Android applications, focusing on performance, stability, and package size reduction.
An ESLint plugin with over 100 powerful rules to enforce modern JavaScript best practices and catch errors.
A static type analyzer for Python code that performs type inference and checking using inline annotations and interface files.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.