Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. The output of the tool is: - shows the vulnerabilities found and how they are corrected - new files with the corrections
Diff-ext is an extension for filemanagers such as Windows Explorer and Nautilus that allows to launch diff/merge tools on selected files.
Koopa is a parser generator, made for Cobol. It can handle source files in isolation (no preprocessing required) and doesn't mind the presence of CICS/SQL fragments. The grammar is easily extensible in a way which minimizes the impact on the overall code.
Unique finds patterns in source code. It helps you build better software by finding pieces of code that could benefit from a refactoring.
Direct C++ to C# translator, translates one of the languages to another without compiling. Has academic aim only!!!
A GUI tool for easily setting up and maintaining PC-Lint for your projects.
Plugin for Qt Creator IDE
This plugin adds info string to the Qt Creator Editor toolbar that counts lines in the current file and whole project if pro-file opened. Required Qt Creator 3.4.0. If you use Qt Creator above 3.4.0 version - download source files and follow the instructions in README (Part 1: MAKING FROM SOURCE). Check README for installation and building instructions. v.0.9.4 2015-04-09 * Ported to Qt5 and QtCreator 3.4.0 rc1. * Internationalization added. * Russian translation added. * Fixed zero project lines count at the begining Qt Creator session. * Minor tests improvements.
Software Enhancement Progress Tracking -- Larger projects fall apart under the weight of their own unfinished improvements. Swept helps developers track where refactorings or improvements have been made and where they are still missing.
A StarUML C++ Module supporting incremental reverse engineering.
This StarUML module for C++ provides practical support for legacy systems. It uses the StarUML as a KDM (Knowledge Discovery MetaModel) framework for existing systems. The module provides an incremental reverse engineering for C++ code with a set of configurable options, such as using namespaces or folder as packages, create attributes for relations or handle properties as relations,...
A library for monitoring the garbage collection of app objects
gcRadar is not a static code anayser but it is a library using which is ment to beused in your source code and it will monitor and report the lifetime events of yuor objects. gcRadar can provide this information by using callbacks, log4j & polling. gcRadar can monitor entities ranging from individula objects to full object trees comprising of is-a & has-a relationships. By using gcRadar you can monitor the lifetime of the objects that are created by your application in runtime, gcRadar enables the application to be aware of the memory constaraints that arise at runtime. The workings of the mythical Java Garbage Collector have for long eluded the common developer. Now by gcRadar enable you to record the life and death of objects at runtime.
Makes a C function call tree as Graphviz DOT file from CScope output.
The purpose of the project is generating a function call tree for a software application written in C. This utility takes as input an uncompressed CScope (http://cscope.sourceforge.net/) output file. With a few options, an output DOT language file can be generated. The DOT file may be used as input for Graphviz (http://www.graphviz.org/) to make an image of the function call tree (see screenshot examples for tceetree run over its sources). For more information, see the Wiki page.
CvsChangelogBuilder is an utility to generate advanced, differential and/or graphical changelogs, for a project hosted on a CVS server (CVS change log). It provides a better output than the 'cvs log' command, and accept a lot of options.
jUML is a UML diagram application capable of reverse engineering Java source code to create relationship diagrams, source code generation based on a user created UML diagram, and saving/restoring of jUML projects.
This is a windows version of my Linux disassembler. It is an old version, no where as good as the Linux version.
Tool to translate Nastran to CodeAster file.
Tool to translate Nastran to CodeAster file.
This anonymous emailer script written in PHP is a free, opensource project designed to send EMails from anyone to anyone, with additional details such as Reply-To ,an anti-spam CAPTCHA and a WYSIWYG.
The ASN.1 Development Tools(ADT) is a suit of Eclipse plugins which allow editing, syntax checking of ASN.1 files. Contribution to the asnCompiler extension point can automatically generate C/C++/Java/other language code from ASN.1 files.
Shiny is a lightning fast, fully documented & by-far-easiest-to-use C/C++/Lua profiler with no extensive surgery. Results are smoothed & shown in run-time as a call-tree or sorted-by-time. Output also renderable as graphs in Ogre3D or your custom engine
A text adventure in Java which is also a tutorial for coders.
This project builds up a classic text adventure which is customisable from XML. It also includes a tutorial which explains how the java code was put together and how it works. Ideal for beginner java coders. For the full tutorial go to the Wiki.
This is a tool for concern mining which uses a KDM model as input and the output is the same model with annotated concerns. It uses a Concern Library and a modified String Clustering K-means algorithm with Levenshtein metric to cluster the strings.
A static source code analyser for Fortran 90 and C++
ChkSem is a static Fortran 90 and C++ source code analyser. Fortran codes are analysed to find potential problems and dead code. This project allows ( for the moment ) to find useless includes and to find missing direct includes for helping programmers to clean C++ codes. This can potentially reduce building time from small programs to huge solutions. This tool is not finalized and new versions will follow, with a GUI with even more features. The project is written in Java to ensure cross-platform compatibility.
Code Search and Replace is a tool for finding and replacing code blocks within a group of files. Avoid tediously changing each page and modify all pages in a selected folder at a time. Quickly and efficiently modify your files and get back to work.
A static checker that model checks the implementation of equality for an Eclipse Java Project.
Translate java source into another language
JavacTo is a prototype tool designed to evaluate the need and value of translating java code into another programming language. An ideal language for translation is a language that supports the concept of packages, classes, interfaces, and enums as well as built-in memory garbage collection. Languages such as C# and D, are well suited as a translation “To” language. Eclipse project provided to get started. Three visitor classes provided to learn how to use JavacTo and write visitor classes. Vistor javadocs available at: http://docs.oracle.com/javase/8/docs/jdk/api/javac/tree/index.html
PHP Parser analyses PHP scripts including all included files and checks whether variables, constants, functions and classes are both used and defined. The script displays either only errors, a complete data list or the fully annotated script.