Search Results for "fortify static code analyzer"

JS Analyzer is a powerful static analysis tool implemented as a Burp Suite extension that helps security researchers and web developers automatically uncover important artifacts in JavaScript files during web application testing. It parses JavaScript responses intercepted by Burp Suite and intelligently extracts API endpoints, full URLs (including cloud storage links), secrets like API keys or tokens, and email addresses while filtering out noise from irrelevant code patterns. ...

CodeChecker is a static analysis infrastructure built on the LLVM/Clang Static Analyzer toolchain, replacing scan-build in a Linux or macOS (OS X) development environment. Executes Clang-Tidy and Clang Static Analyzer with Cross-Translation Unit analysis, Statistical Analysis (when checkers are available). Creates the JSON compilation database by wiretapping any build process (e.g., CodeChecker log -b "make").

pytype is a static type analyzer that checks and infers types for Python code without executing it, catching errors at “compile time” and generating actionable diagnostics. It grew alongside Python typing at Google and can understand both inline annotations and unannotated code via powerful inference. The tool consumes stub files (.pyi) for the standard library and third-party packages (from typeshed and its own built-ins), enabling accurate checks even in large, mixed-quality codebases. ...

Pylint is a static code analyzer for Python 2 or 3. The latest version supports Python 3.7.2 and above. Pylint analyses your code without actually running it. It checks for errors, enforces a coding standard, looks for code smells, and can make suggestions about how the code could be refactored. Projects that you might want to use alongside pylint include flake8 (faster and simpler checks with very few false positives), mypy, pyright or pyre (typing checks), bandit (security-oriented checks), black and isort (auto-formatting), autoflake (automated removal of unused import or variable), pyupgrade (automated upgrade to newer python syntax) and pydocstringformatter (automated pep257). ...

Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses. Slither is the first open-source static analysis framework for Solidity. Slither is fast and precise; it can find real vulnerabilities in a few seconds...

PlatformIO is a professional collaborative platform for embedded development. A place where Developers and Teams have true Freedom! No more vendor lock-in! A user-friendly and extensible integrated development environment with a set of professional development instruments, providing modern and powerful features to speed up yet simplify the creation and delivery of embedded products. A lightweight but powerful cross-platform source code editor. Smart code completions are based on variable...

Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection. Currently supported Python versions are 2.7, 3.5, 3.6 and 3.7. Gixy is well tested only on GNU/Linux, other OSs may have some issues. You can find things that Gixy is learning to detect at Issues labeled with "new plugin". By default Gixy will try to analyze Nginx configuration placed in /etc/nginx/nginx.conf. Or something else, you can find all other gixy...