spotbugs / Spotbugs: SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
pascal-lab / Tai E: An easy-to-learn/use static analysis framework for Java
tabby-sec / Tabby: A CAT called tabby (Code Analysis Tool)
facebook / Mariana Trench: A security focused static analysis tool for Android and Java applications.
wala / WALA: T.J. Watson Libraries for Analysis, with front ends for Java, Android, and JavaScript, and many common static program analyses.
OWASP-Benchmark / BenchmarkJava: OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
MobSF / Mobsfscan: mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
insidersec / Insider: Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on an agile and easy to implement software inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and JavaScript (Node.js).
eclipse-steady / Steady: Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
Cryin / JavaID: java source code static code analysis and danger function identify prog
mauricioaniche / Ck: Code metrics for Java code by means of static analysis
noidsirius / SootTutorial: A step-by-step tutorial for Soot (a Java static analysis framework)
novoda / Gradle Static Analysis Plugin: Easy setup of static analysis tools for Android and Java projects.
Feysh-Group / Corax Community: Corax for Java: A general static analysis framework for java code checking.
LLVM-but-worse / Maple Ir: Industrial IR-based static analysis framework for Java bytecode
mebigfatguy / Fb Contrib: a FindBugs/SpotBugs plugin for doing static code analysis for java code bases
tomasbjerre / Violations Lib: Java library for parsing report files from static code analysis.
DanielMichalski / Spring Boot Java Swing Reservations: The project aims to present how to connect Spring Boot 3 and Java 17 Swing GUI widget toolkit. All application dependencies are provided by Docker Compose. There are also static code analysis tools like PMD and Checkstyle.
jenkinsci / Analysis Model: A library to read static analysis reports into a Java object model
GradleUp / Static Analysis Plugin: Easy and consistent setup of static analysis tools for Android and Java projects.