?? A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
nodejsscan is a static security code scanner for Node.js applications.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
《深入理解CodeQL》Finding vulnerabilities with CodeQL.
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
基于pytorch的ocr算法库,包括 psenet, pan, dbnet, sast , crnn
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Ful…
Globstar is a fast, feature-rich, and open-source static analysis toolkit for writing and running code checkers. Based on tree-sitter.
Plugin for JADX to integrate MCP server
"chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability rules, supports decompile, custom rule, and is compatible with the technology stacks of Servlet&filter, Spring,struts,Dubbo,Thrift, jax-rs,jax-ws,JFinal,Netty,MyBatis,and JSP.
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Add a description, image, and links to the sast topic page so that developers can more easily learn about it.
To associate your repository with the sast topic, visit your repo's landing page and select "manage topics."
| 掌勺是什么意思bfb118.com | 天地始交是什么意思hcv8jop6ns7r.cn | 射手座属于什么星象hcv8jop3ns5r.cn | 甜瓜不能和什么一起吃jasonfriends.com | 胸部ct平扫能检查出什么hcv8jop5ns0r.cn |
| 反流性食管炎吃什么中成药最好hcv7jop9ns3r.cn | 例假吃什么水果好hcv8jop8ns6r.cn | 熠熠生辉什么意思dayuxmw.com | 头发属于什么组织hcv8jop5ns9r.cn | 抗宫炎片主要治什么xinmaowt.com |
| yg是什么意思hcv8jop7ns7r.cn | 回奶吃什么快最有效的hcv9jop5ns6r.cn | 725是什么意思hcv9jop3ns2r.cn | 一人一口是什么字hcv8jop9ns7r.cn | 第一个月怀孕有什么反应mmeoe.com |
| 感染梅毒有什么症状hcv9jop8ns1r.cn | 三点水加四读什么hcv7jop4ns8r.cn | 6月20号什么星座hcv9jop1ns8r.cn | 小孩肚子疼是什么原因cl108k.com | 过期化妆品属于什么垃圾hcv9jop3ns1r.cn |