Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. The output of the tool is: - shows the vulnerabilities found and how they are corrected - new files with the corrections
QtCreator plugin for some command line tools over a Qt (.pro) project.
qpt (Qt Project Tool) understands Qt C++ projects (.pro) and allows to pass this information to command line tools as "Code Counters" and "Static Analysis tools". It also can used inside QtCreator to act as a plugin for "Static Analysis tools" putting reported issues into QtCreator issues pane.
CvsChangelogBuilder is an utility to generate advanced, differential and/or graphical changelogs, for a project hosted on a CVS server (CVS change log). It provides a better output than the 'cvs log' command, and accept a lot of options.
Koopa is a parser generator, made for Cobol. It can handle source files in isolation (no preprocessing required) and doesn't mind the presence of CICS/SQL fragments. The grammar is easily extensible in a way which minimizes the impact on the overall code.
Diff-ext is an extension for filemanagers such as Windows Explorer and Nautilus that allows to launch diff/merge tools on selected files.
Unique finds patterns in source code. It helps you build better software by finding pieces of code that could benefit from a refactoring.
Port of MS _CrtDbg Memory Leak Detection for WinCE
You are searching _CrtDumpMemoryLeaks(), _CrtSetReportMode() and all the well known Win32 stuff? But you don't find it for your Windows CE or Windows Mobile native C or C++ development? Get tired of Memory Leaks? Handle Leaks? Trouble with Appverify (Application Verifier for WinCE)? Stop searching. Congratulations, you got it!
Direct C++ to C# translator, translates one of the languages to another without compiling. Has academic aim only!!!
Makes a C function call tree as Graphviz DOT file from CScope output.
The purpose of the project is generating a function call tree for a software application written in C. This utility takes as input an uncompressed CScope (http://cscope.sourceforge.net/) output file. With a few options, an output DOT language file can be generated. The DOT file may be used as input for Graphviz (http://www.graphviz.org/) to make an image of the function call tree (see screenshot examples for tceetree run over its sources). For more information, see the Wiki page.
The ASN.1 Development Tools(ADT) is a suit of Eclipse plugins which allow editing, syntax checking of ASN.1 files. Contribution to the asnCompiler extension point can automatically generate C/C++/Java/other language code from ASN.1 files.
Plugin for Qt Creator IDE
This plugin adds info string to the Qt Creator Editor toolbar that counts lines in the current file and whole project if pro-file opened. Required Qt Creator 3.4.0. If you use Qt Creator above 3.4.0 version - download source files and follow the instructions in README (Part 1: MAKING FROM SOURCE). Check README for installation and building instructions. v.0.9.4 2015-04-09 * Ported to Qt5 and QtCreator 3.4.0 rc1. * Internationalization added. * Russian translation added. * Fixed zero project lines count at the begining Qt Creator session. * Minor tests improvements.
PHP Parser analyses PHP scripts including all included files and checks whether variables, constants, functions and classes are both used and defined. The script displays either only errors, a complete data list or the fully annotated script.
Shiny is a lightning fast, fully documented & by-far-easiest-to-use C/C++/Lua profiler with no extensive surgery. Results are smoothed & shown in run-time as a call-tree or sorted-by-time. Output also renderable as graphs in Ogre3D or your custom engine
A StarUML C++ Module supporting incremental reverse engineering.
This StarUML module for C++ provides practical support for legacy systems. It uses the StarUML as a KDM (Knowledge Discovery MetaModel) framework for existing systems. The module provides an incremental reverse engineering for C++ code with a set of configurable options, such as using namespaces or folder as packages, create attributes for relations or handle properties as relations,...
A static checker that model checks the implementation of equality for an Eclipse Java Project.
Translate java source into another language
JavacTo is a prototype tool designed to evaluate the need and value of translating java code into another programming language. An ideal language for translation is a language that supports the concept of packages, classes, interfaces, and enums as well as built-in memory garbage collection. Languages such as C# and D, are well suited as a translation “To” language. Eclipse project provided to get started. Three visitor classes provided to learn how to use JavacTo and write visitor classes. Vistor javadocs available at: http://docs.oracle.com/javase/8/docs/jdk/api/javac/tree/index.html
Ohcount is the source code line counter that powers Ohloh. Ohcount supports over 70 programming languages. Ohcount can also detect popular open source licenses such as GPL determine if code targets a particular programming API, such as Win32 or KDE.
A GUI tool for easily setting up and maintaining PC-Lint for your projects.
This anonymous emailer script written in PHP is a free, opensource project designed to send EMails from anyone to anyone, with additional details such as Reply-To ,an anti-spam CAPTCHA and a WYSIWYG.
Software Enhancement Progress Tracking -- Larger projects fall apart under the weight of their own unfinished improvements. Swept helps developers track where refactorings or improvements have been made and where they are still missing.
Search files for a text string. Like grep but really dumbed down
View current download statistics for software on various sites
progstat: Used to view current download statistics for posted programs on various sites.
jUML is a UML diagram application capable of reverse engineering Java source code to create relationship diagrams, source code generation based on a user created UML diagram, and saving/restoring of jUML projects.
A static source code analyser for Fortran 90 and C++
ChkSem is a static Fortran 90 and C++ source code analyser. Fortran codes are analysed to find potential problems and dead code. This project allows ( for the moment ) to find useless includes and to find missing direct includes for helping programmers to clean C++ codes. This can potentially reduce building time from small programs to huge solutions. This tool is not finalized and new versions will follow, with a GUI with even more features. The project is written in Java to ensure cross-platform compatibility.
Code Search and Replace is a tool for finding and replacing code blocks within a group of files. Avoid tediously changing each page and modify all pages in a selected folder at a time. Quickly and efficiently modify your files and get back to work.