Martian1337/SAST
SAST (Static Application Security Testing) Tools and Automation

Many programming languages have dedicated static analysis tools designed for vulnerability detection, bug-finding, and code quality assurance. Here are some popular languages and their commonly used dedicated tools:

Language            Dedicated Static Analysis Tools
Python              Pylint, Flake8, Bandit (security), Pyright
JavaScript          ESLint, JSHint, SonarJS, TSLint (for TypeScript)
Java                SpotBugs, PMD, FindBugs, SonarQube
C/C++               Clang-Tidy, Cppcheck, Coverity, SonarQube
C#/.NET             Roslyn analyzers, SonarQube, NDepend
PHP                 PHPStan, Psalm, PHP_CodeSniffer
Go                  GolangCI-Lint, Staticcheck
Ruby                RuboCop, Brakeman (security)
Swift/Objective-C   SwiftLint, OCLint
Kotlin              Detekt, SonarKotlin
Rust                Clippy
Shell/Bash          ShellCheck

Additionally, enterprise-grade tools like SonarQube, Checkmarx, Veracode, and Snyk Code support static analysis across multiple languages including many of those listed above.

These tools often provide:

  • Language-specific code checks
  • Security vulnerability detection
  • Code style enforcement
  • Integration with CI/CD pipelines

Purpose

This repository contains scripts and configurations for automating static analysis scans using best-of-breed tools across several programming languages including Python, JavaScript, Java, PHP, Go, and more.

Contents

  • pyscan.sh — Automates Python static analysis with Bandit, Pyright, etc.
  • phpscan.sh — Automates PHP static analysis with PHPStan and Psalm.
  • jsscan.sh — Automates JavaScript static analysis with ESLint.
  • javascan.sh — Automates Java static analysis using Checkstyle and SpotBugs.
  • goscan.sh — Automates Go static analysis with staticcheck and golangci-lint.
  • Other information and supporting files for each tool.

Getting Started

Prerequisites

  • Bash shell environment (Linux/macOS)
  • Language runtimes (Python, Node.js, Java JDK, Go) installed and available in PATH
  • Package managers (pip, npm, Maven, go) installed
  • Internet connection to install missing dependencies

Integration

These scripts can be incorporated into CI/CD pipelines or IDE pre-commit hooks to enable continuous static application security testing (SAST).
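As an added example (not one of the repository's scripts), here is a minimal CI gate in the spirit of pyscan.sh: it runs Bandit over a source tree, writes a JSON report, and fails the job when findings at or above a chosen severity are present. It assumes Bandit's real -r, -f json, -o, -q and -ll/-lll flags; the embedded JSON report is a constructed sample used for the offline demo.

```shell
#!/usr/bin/env bash
# Example Bandit CI gate (added here, not the project's pyscan.sh).
set -u

# Constructed sample of Bandit's pretty-printed JSON report: one HIGH and one
# MEDIUM finding, one finding per line as Bandit emits them.
SAMPLE_REPORT='{ "results": [
  {"test_id": "B602", "issue_severity": "HIGH", "issue_text": "subprocess call with shell=True"},
  {"test_id": "B608", "issue_severity": "MEDIUM", "issue_text": "Possible SQL injection vector"} ] }'

# Map a minimum severity to Bandit's report-level flag:
# low reports everything, medium -> -ll, high -> -lll.
severity_flag() {
  case "$1" in
    low)    echo "" ;;
    medium) echo "-ll" ;;
    high)   echo "-lll" ;;
    *)      echo "unknown severity: $1" >&2; return 1 ;;
  esac
}

# Count findings of one severity (HIGH/MEDIUM/LOW) in a report read from stdin.
count_severity() {
  grep -c "\"issue_severity\": \"$1\"" || true   # grep -c exits 1 on zero matches
}

# Gate policy: return 0 (pass) only if no finding is at or above $2.
gate() {
  local report="$1" min="$2" high medium low
  high=$(count_severity HIGH < "$report")
  medium=$(count_severity MEDIUM < "$report")
  low=$(count_severity LOW < "$report")
  echo "bandit findings: high=$high medium=$medium low=$low"
  case "$min" in
    high)   [ "$high" -eq 0 ] ;;
    medium) [ "$((high + medium))" -eq 0 ] ;;
    *)      [ "$((high + medium + low))" -eq 0 ] ;;
  esac
}

# Bandit exits non-zero whenever it reports an issue, so its status is ignored
# and gate() applies our own policy to the JSON report instead.
scan_python() {
  local target="$1" min="${2:-high}" report="${3:-bandit-report.json}" flag
  command -v bandit >/dev/null || { echo "bandit not installed (pip install bandit)" >&2; return 2; }
  flag=$(severity_flag "$min") || return 2
  bandit -r "$target" -f json -o "$report" $flag -q || true
  gate "$report" "$min"
}

if [ "${1:-}" ]; then scan_python "$1" "${2:-high}"; else   # no target: offline demo
  tmp=$(mktemp); printf '%s\n' "$SAMPLE_REPORT" > "$tmp"
  gate "$tmp" high || echo "gate(high): would fail the CI job"; rm -f "$tmp"
fi
```

Run as `./bandit-gate.sh src/ medium` inside a pipeline step; the job fails on any MEDIUM or HIGH finding while the report file stays available as an artifact.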

References
