Search Results for "static code analysis" - Page 2
Sort By:
Showing 76 open source projects for "static code analysis"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
1
Horusec
Open source tool that improves identification of vulnerabilities
Horusec is an open source tool that performs a static code analysis to identify security flaws during the development process. Currently, the languages for analysis are C#, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart, Elixir, Shell, Nginx. The tool has options to search for key leaks and security flaws in all your project's files, as well as in Git history. -
2
sRDI
Shellcode implementation of Reflective DLL Injection
sRDI is a compact project that implements a shellcode form of Reflective DLL Injection, enabling DLLs to be converted into position-independent shellcode and loaded in memory by a small in-process PE loader. The codebase groups a C implementation of a reflective PE loader with multiple loader/wrapper components (native C loader, a .NET loader, Python and PowerShell conversion helpers) so authors can produce and embed sRDI blobs in different environments. The loader aims to behave like a... -
3
Node.js express.js MongoDB JWT REST API
Node.js express.js MongoDB JWT REST API - Basic Project Skeleton
This is a basic API REST skeleton written on JavaScript using async/await. Great for building a starter web API for your front-end (Android, iOS, Vue, react, angular, or anything that can consume an API) This project is created to help other developers create a basic REST API in an easy way with Node.js. This basic example shows how powerful and simple JavaScript can be. Do you want to contribute? Pull requests are always welcome to show more features. Custom email/password user system with... -
4
Blackbone
Windows memory hacking library
...Beyond basic memory operations, Blackbone includes advanced functionality for remote code execution, function hooking, and manual map features that let developers inject and manage modules in foreign processes without relying on the operating system’s loader mechanisms. It supports intricate use cases like injecting DLLs into target applications, performing remote hooks with hardware breakpoints, and handling cross-session thread creation. -
Host LLMs in Production With On-Demand GPUsDeploy your model, get an endpoint, pay only for compute time. No GPU provisioning or infrastructure management required.
-
5
What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based...
-
6
Insider
Static Application Security Testing (SAST) engine
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on agile and easy-to-implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET. -
7
ThinkTs
Based on koa and typeorm,asynchronous non blocking reactive coding
Based on koa and Typeform, asynchronous nonblocking reactive coding, and a real MVC web framework, inspired by [ThinkPHP + Nestjs + FastAPI], it is also the fastest development speed and fastest performance. -
8
PHPCorrector
XSS and SQLi vulnerabilities corrrector for PHP web applications
PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically. -
9
goflyway
An encrypted HTTP server
master is the active development branch and contains v2 code, for the stable v1 release (though it was once called v2.0), please refer to v1.0 branch. goflyway v2 is a special tool to forward local ports to a remote server securely, just like ssh -L. goflyway uses pure HTTP POST requests to relay TCP connections. There is no CONNECT involved nor needed because goflyway is designed mainly for those people who are behind a CONNECT-less HTTP proxy or want to accelerate connections through static CDNs. ... -
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI Studio. Switch between models without switching platforms.
-
10
ansvif
An advanced cross platform fuzzing framework suited to find code bugs.
ansvif, or A Not So Very Intelligent Fuzzer, suited to find bugs in code by throwing garbage arguments, files, and environment variables at the target program, that you may or may not have the source code to. It supports many features, such as buffer size, randomization of the buffer size, random data injection, templates, and much more. The purpose of this project is to identify bugs in software, specifically bugs that can induce a segmentation fault under various conditions. This aids... -
11
CapAnalysis
PCAP from another point of view
CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic. Analyze TCP and UDP streams Support multible datasets Perform deep packet inspection Support filtering capability Source Code: https://github.com/xplico/CapAnalysis -
12
__Alien Cipher
A bespoke symmetric cipher.
Released under 'Creative Commons v3' license Alien Cipher is an endeavour to build my own symmetric cipher. The primary aim is to simply learn the fundamentals and finer details of cryptography in general and build working examples of my ideas in code. The code is shared here for posterity (future folk) in the guise that it may help others also on the path to cryptography. This code demo uses a 256bit rolling hash table (8x8bytes) at its heart to mix together pre-defined parameters in a way that allows the cipher to produce encoded output that is locked to a key of arbitrary length without padding. ... -
13
RIPS - PHP Security Analysis
Free Static Code Analysis Tool for PHP Applications
RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/ -
14
Network Tracking Database
Track your ARP/MAC table changes and so much more
The Network Tracking Database (NetDB for short) tracks all changes to the MAC address tables on your switches and the ARP tables on your routers over time stored in MySQL. It supports extensive switch, VLAN and vendor code reports from a CLI or Web App. NetDB can generate CSV reports, track the usage of static IP addresses, record neighbor discovery data and much more. There is now a VM "appliance" with easier upgrades available in the Files section. See the http://netdbtracking.sourceforge.net for more details. -
15
SWF Investigator
Adobe SWF Investigator enables full analysis of SWF applications.
Adobe SWF Investigator is a cross-platform, GUI-based, comprehensive set of tools, which enables quality engineers, developers and security researchers to quickly analyze SWF files to improve the quality and security of their applications. From a static perspective, you can disassemble ActionScript 2 (AS2) and ActionScript 3 (AS3) SWFs, view SWF tags and make binary changes to SWF files. SWF Investigator also lets you view associated information, including local shared objects (LSOs) and... -
16
BTCore
A Collection of Useful Java/Swing Code
NEWEST FEATURE ---------- Added one line ".zip" extraction to Util class! Added one line ".zip" extraction from URL (web) and one line file download from URL! BTCore is a library that was designed to be used with all of Banotech's software. It includes a tremendous amount of code snippets and classes that have been boiled down to allow ease of use by everyone. BTCore is, and always will be FREE. It has tools that we scrapped together over our last few projects, and that we found... -
17
FACPL - Access control policies
A Java library for Attribute-based Access Control Policies
FACPL: a Java-based library for the specification and enforcement of Access Control policies - Attribute-based Access Control Policies - Advanced features for the management of, e.g., combining algorithms and missing attributes - Generation of XACML code starting from FACPL code - Generation of FACPL code starting from XACML code Source Code: https://github.com/andreamargheri/FACPL/ -
18
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
...WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. ... -
19
theZoo
A repository of LIVE malwares for malware analysis and security
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev. theZoo’s purpose is to allow the study of malware and enable people who are interested in malware analysis (or maybe... -
20
XOR encrypt v2.0
Encrypt Your Text documents with XOR encryption
This software provides an easy graphical way to encrypt your text documents from source code , text files ,scripts even jpeg files .It is a enhanced version of my earlier project https://sourceforge.net/p/xorencrypt which used win32 GUI . This is a demonstration of working of XOR encryption which was used by Germans in World War II (http://en.wikipedia.org/wiki/Lorenz_cipher) . Besides from XOR'ing the message with password after every encryption the key changes pseudorandomly.... -
21
ESSPEE - Penetration Testing & Forensics
(Android Forensics & Malware Analysis Included)
ESSPEE - Extreme Security Scanning Penetration testing & Exploitation Environment Ubuntu 12.04 LTS (Precise Pangolin) is purposefully selected as the base Operating System to obtain supports from Ubuntu for a long duration (till Apr 2017). It is packed with featured security tools with very less resource consumption and higher degree of stability. Thanks to Back Track, Blackbuntu, CAINE and DEFT and many others for inspiration. Being a sole developer to this distro, I wish it... -
22
Pecker Scanner
A static source code analyser for vulnerabilities in PHP.
A scanner named pecker, written in php,It can check dangerous functions with lexical analysis. to scans files for malicious PHP Code. Github : https://github.com/cfc4n/pecker -
23
DEEEP
Detector of Integer Vulnerabilities in Software Portability
DEEEP is a open source static analysis tool to detect, in C programs, integer vulnerabilities caused by the bad adaption of aplications from ILP32 to LP64. It uses the tools Lint and Splint, and runs over Open Solaris and Linux operating systems. This tool semantically analyses source code. More precisely, it does type checking, data-flow analysis, and it automatically correlates the results of these two types of analysis. -
24
PHParser
A Lexer and a Parser to PHP scripts
PHParser 1.2 generates a pure Java parser for PHP programs. Invoking this parser yields an explicit parse tree (AST) and a tree walker suitable for further analysis. This tool package is based upon: - ANTLR 3.2 or higher (www.antlr.org). - JDK 1.6 or higher (java.sun.com). - Grammar specifications of PHP 5.3. -
25
Free-SA
Free-SA is report generating tool for web, proxy and mail log files
Free-SA is logs processor and report generating tool. It can be used to control traffic usage, to evaluate conformance to the Internet access security policies, to investigate security incidents, to evaluate web server efficiency and to detect troubles with server configuration.
