Tool to detect and correct vulnerabilities in PHP web applications
WAP automatically detects and corrects input validation vulnerabilities in web applications written in PHP (version 4.0 or higher), with a low rate of false positives. WAP detects the following vulnerabilities:
- SQL injection using MySQL, PostgreSQL and DB2 DBMS
- Reflected cross-site scripting (XSS)
- Stored XSS
- Remote file inclusion
- Local file inclusion
- Directory traversal
- Source code disclosure
- OS command injection
- PHP code injection
WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious user inputs and checking whether they reach calls to sensitive functions. It has a low rate of false positives because it implements a data mining module that predicts false positives when it detects vulnerabilities. The output of the tool is:
- a report of the vulnerabilities found and how they are corrected
- new files with the corrections
Static code analysis to find violations in a dependency graph
PhpDependencyAnalysis is an extendable static code analysis tool for object-oriented PHP projects that generates dependency graphs from abstract datatypes (classes, interfaces and traits) based on namespaces. Dependencies can be aggregated to build graphs at several levels, such as package level or layer level. Each dependency can be verified against a defined architecture.
Visualization of Java thread dumps
This tool allows the user to load, visualize and analyse Java thread dumps that are generated by Visual VM. Please see the Wiki for a Quick Start guide and tutorials.
A desktop app to review code scans
AboutCode Manager provides a UI to help you quickly evaluate license and other notices identified by ScanCode and record your conclusion about the effective license(s) for a software component.
jUML is a UML diagram application capable of reverse engineering Java source code to create relationship diagrams, source code generation based on a user created UML diagram, and saving/restoring of jUML projects.
State Dependency deconstructor and mapper for C source code.
Flowcharts not telling you what you want to know about some C source code? Try a State Dependency map! Every C source file is an implementation of a state machine. Implicit in the definition of a state machine is a network of dependencies between the states. The Automalator
* deconstructs the C code into the core state machine
* collates the transactions into the dependency net
* generates a diagram-format file with the states and dependencies as the nodes and edges.
Pre-requisites
* Perl - tested with versions 5.12.3, 5.14.2 and 5.20.2, Windows, Linux and Mac
* Get the Automalator by downloading the zip, or checking out or exporting the SVN trunk
* copy the source code of interest into "project.c"
* Windows - double-click "src2map.bat"
* Linux & Mac - navigate the command line to the "project" folder, then run "src2map.sh"
* open the "project.gml" file with diagramming software.
Just another manual code analysis tool and static analysis tool.
Just another manual code analysis tool and static analysis tool. https://github.com/CoolerVoid/codewarrior
This is an attempt to create a code analyzer for Harbour language code, add it later to HbIDE, and use it later for a NetBeans plugin and in other IDEs. I use Git here.
Harbour project: https://harbour.github.io/
Docs about ANTLR: https://tomassetti.me/antlr-mega-tutorial http://www.xfront.com/ANTLR/
About v.3: http://www.r-5.org/files/books/computers/compilers/writing/Terence_Parr-The_Definitive_ANTLR_Reference-EN.pdf
About v.4: https://pragprog.com/book/tpantlr2/the-definitive-antlr-4-reference
Help: https://groups.google.com/forum/#!topic/antlr-discussion
JASTI (Java AST Inspector)
JASTI (Java AST Inspector) is an inspector for the OpenJDK compiler AST
Lint for the Pascal programming language
Static code analysis (lint) for Pascal. Programmed in C++ as a Code::Blocks project. See Free Pascal for the compiler: http://www.freepascal.org/
Version: 0.1.0.6
Usage:
pascallinter pascalsourcefile
pascallinter -help
Command-line tool.
This package will allow people to check, change, update the license of their projects. It will conform to all new licenses available.
LuziensEditor is a small IDE for Java, C/C++, and web development
LuziensEditor is a small IDE for Java, C/C++, and web development with some special features.
- Direct access to XAMPP
- Its own console
- Syntax highlighting
- Its own version control
- Packaging programs as Debian packages
- ...
Simple tool for fixing common misspellings, typos
Utility to fix common misspellings and typos in source code. There are lots of typical misspellings in program code. Typically they are more eye-catching in the living code, but they can easily hide in comments, examples, samples, notes and documentation. With this utility you can fix a large number of them very quickly. Be aware that the utility does not check or fix file names. It can easily happen that a misspelled word is fixed in a file name in a program's code, but the file itself will not be renamed by this utility. It is also important to be extra careful when fixing public APIs! A manual review is always needed to verify that nothing has been broken.
RTTI for Python Source Files based on inspect
The 'pysourceinfo' package provides basic runtime information on executed source files based on 'inspect' and additional sources.