Static Analysis
A PHP dependency vulnerabilities scanner based on the Security Advisories Database.
A PHP static analysis tool for finding errors and security vulnerabilities in PHP applications
a static analysis tool for finding vulnerabilities in C/C++ source code
Semgrep rules for smart contracts based on DeFi exploits
Hexrays Toolbox - Find code patterns within the Hexrays ctree
BinAbsInspector: Vulnerability Scanner for Binaries
PITracker: Detecting Android PendingIntent Vulnerabilities through Intent Flow Analysis
Visualize call graph of a Go program using Graphviz
Interactive overview of Go packages using dynamic visualization.
Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks
nodejsscan is a static security code scanner for Node.js applications.
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
An interactive web UI for gRPC, along the lines of postman
Static analysis tool for Golang that protects against SQL injections
Static code analysis tool to find unsafe usages in Go packages and their dependencies
Find outdated dependencies of your Go projects. go-mod-outdated provides a table view of the go list -u -m -json all command which lists all dependencies of a Go project and their available minor a…
A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
A collection of my Semgrep rules to facilitate vulnerability research.
A framework for automated extraction of static and dynamic features from Android applications
[mirror] the database client and tools for the Go vulnerability database
Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc