A PHP parser written in PHP
PHP
Updated Apr 29, 2019
#
static-analysis
Repositories 667
A static analyzer for Java, C, C++, and Objective-C
Good first issues
#1083 opened 24 days ago by bmwvvvv
3
Infer maven: Error loading property file '****/${env}.properties
good first task help wanted#1074 opened about 2 months ago by dreaminplus
2
How to intergrate Infer's analysis result into Phabricator?
good first task enhancement#673 opened almost 2 years ago by sencho
10
OCaml
Updated May 3, 2019
PHP Static Analysis Tool - discover bugs in your code without running it!
PHP
Updated May 4, 2019
PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.
Good first issues
[Wiki] Add more information about `parallel` option
Documentation#1732 opened over 1 year ago by jrfnl
3
PHP
Updated Apr 22, 2019
A static analysis security vulnerability scanner for Ruby on Rails applications
ruby
rails
security
static-analysis
vulnerabilities
brakeman
security-vulnerability
security-tools
security-audit
Ruby
Updated May 4, 2019
Static analysis tools for all programming languages
static-analysis
quality
static-analyzers
awesome
linter
list
code-quality
awesome-list
programming-language
Rust
Updated May 2, 2019
Vulnerability Static Analysis for Containers
Good first issues
Postgresql got updated and helm's chart for clair is not running with that new version
low hanging fruit area/distribution#655 opened 6 months ago by agboiza
3
README: some docs links do not work
kind/documentation kind/bug#690 opened 4 months ago by kmoe
add requirement of a db to 'Running Clair' documentation
kind/documentation low hanging fruit kind/bug#512 opened over 1 year ago by eversC
Go
Updated May 3, 2019
Good first issues
Incorrect JSON schema for import-blacklist and variable-name
Difficulty: Easy Domain: Documentation Status: Accepting PRs#4677 opened 11 days ago by chrismbarr
[Question] Import-blacklist by regex does not work as expected
Difficulty: Easy Domain: Documentation Status: Accepting PRs#4660 opened 22 days ago by alxpsr
3
Add code examples for no-floating-promises
Difficulty: Easy Domain: Documentation P1#4654 opened 24 days ago by JoshuaKGoldberg
TypeScript
Updated May 2, 2019
A curated list of awesome malware analysis tools and resources.
malware-analysis
awesome
awesome-list
list
malware-samples
analysis-framework
dynamic-analysis
static-analysis
threat-intelligence
automated-analysis
domain-analysis
network-traffic
threatintel
malware-collection
malware-research
threat-sharing
chinese-translation
chinese
Updated May 4, 2019
Catch common Java mistakes as compile-time errors
Java
Updated May 2, 2019
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it…
Good first issues
Expand XPath IT Regression Testing
easy approved#6207 opened 6 months ago by rnveach
doc: add example to ImportOrder about other groups
easy approved#5982 opened 10 months ago by romani
Java
Updated May 4, 2019
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather t…
Good first issues
Add case-insensitive suggestions for misspelled variables to PhanCommentParamWithoutRealParam
probably easy enhancement#2004 opened 7 months ago by TysonAndre
Suggestions for undeclared class constants should include constants with an identical name but a different class
probably easy enhancement#1902 opened 9 months ago by TysonAndre
PHP
Updated May 4, 2019
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engin…
mobile-app
pentesting
android-application
ios-app
runtime-analysis
network-analysis
static-analysis
reverse-engineering
dynamic-analysis
mobile-security
Good first issues
Add 8.7 and 8.8 for android and ios: show how you can delay the attacker or report tampering to the backend
Good first issue#1113 opened 4 months ago by commjoen
2
Add Practical Examples for Detection and Exploitation of Code Quality Flaws
Good first issue enhancement#797 opened over 1 year ago by b-mueller
4
HTML
Updated May 4, 2019
Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework …
static-analysis
dynamic-analysis
python
mobsf
android-security
mobile-security
windows-mobile-security
ios-security
mobile-security-framework
api-testing
web-security
malware-analysis
runtime-security
ci-cd
devsecops
apk
ipa
Python
Updated May 2, 2019
Awesome autocompletion and static analysis library for python.
Python
Updated Apr 14, 2019
Continuous Inspection
Java
Updated May 1, 2019
Code smell detector for Ruby
Good first issues
#1029 opened over 2 years ago by mvz
2
#986 opened almost 3 years ago by troessner
Ruby
Updated May 1, 2019
A static code analysis tool for the Elixir language with a focus on code consistency and teaching.
Elixir
Updated May 3, 2019
Performant type-checking for python.
python
typechecker
type-check
static-analysis
ocaml
code-quality
abstract-interpretation
security
program-analysis
taint-analysis
control-flow-analysis
Good first issues
Theory of abstract interpretation missing
documentation#136 opened 3 months ago by njayinthehouse
6
#117 opened 6 months ago by SKalt
3
OCaml
Updated May 4, 2019
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead
Good first issues
When reporting error on an initializer, also give line numbers for uninitialized fields
good first issue help wanted#95 opened over 1 year ago by chengniansun
15
Java
Updated May 1, 2019
Official ESLint plugin for Vue.js
JavaScript
Updated May 2, 2019
A Golang tool that does static analysis, unit testing, code review and generate code quality report.
codereview
reporter
golang
golang-tools
test
staticcheck
linter
unit-testing
static-analysis
unit-test
examination
quality-report
Go
Updated Oct 27, 2018
Staticcheck – a collection of static analysis tools for working with Go code
Good first issues
website: generate check documentation from code
documentation#454 opened 9 days ago by dominikh
#449 opened 19 days ago by dominikh
Go
Updated May 4, 2019
A Ruby code quality reporter
Good first issues
Summary of all RubyCritic features that are lacking documentation.
documentation wip#109 opened over 3 years ago by troessner
5
JavaScript
Updated Apr 18, 2019
An extensible multilanguage static code analyzer.
Good first issues
[java] CommentDefaultAccessModifier not working for classes
good first issue an:enhancement#1793 opened 9 days ago by boris-petrov
3
[java] UnusedPrivateField on member annotated with lombok @Delegate
good first issue a:false-positive#1703 opened 2 months ago by RiotR1cket
2
[java] Properly whitelist serialPersistentFields
good first issue a:false-positive#1684 opened 2 months ago by jsotuyod
Java
Updated May 4, 2019
Golang security checker
Go
Updated May 2, 2019
static analysis of C/C++ code
C++
Updated May 4, 2019
It's not just a linter that annoys you!
Good first issues
pylint manpage refers to nonexistent /usr/share/doc/pythonX.Y-pylint/
documentation discussion#1508 opened almost 2 years ago by sandrotosi
4
Python
Updated May 3, 2019
A reviewed list of useful PHP static analysis tools
Updated Mar 7, 2019
A static type analyzer for Python code
Python
Updated May 3, 2019