Showing 56 open source projects for "static code analysis"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • AI-generated apps that pass security review Icon
    AI-generated apps that pass security review

    Stop waiting on engineering. Build production-ready internal tools with AI—on your company data, in your cloud.

    Retool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
    Try Retool free
  • 1

    PHPCorrector

    XSS and SQLi vulnerabilities corrrector for PHP web applications

    PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 2
    ansvif

    ansvif

    An advanced cross platform fuzzing framework suited to find code bugs.

    ansvif, or A Not So Very Intelligent Fuzzer, suited to find bugs in code by throwing garbage arguments, files, and environment variables at the target program, that you may or may not have the source code to. It supports many features, such as buffer size, randomization of the buffer size, random data injection, templates, and much more. The purpose of this project is to identify bugs in software, specifically bugs that can induce a segmentation fault under various conditions. This aids...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    CapAnalysis

    CapAnalysis

    PCAP from another point of view

    CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic. Analyze TCP and UDP streams Support multible datasets Perform deep packet inspection Support filtering capability Source Code: https://github.com/xplico/CapAnalysis
    Downloads: 35 This Week
    Last Update:
    See Project
  • 4
    __Alien Cipher

    __Alien Cipher

    A bespoke symmetric cipher.

    Released under 'Creative Commons v3' license Alien Cipher is an endeavour to build my own symmetric cipher. The primary aim is to simply learn the fundamentals and finer details of cryptography in general and build working examples of my ideas in code. The code is shared here for posterity (future folk) in the guise that it may help others also on the path to cryptography. This code demo uses a 256bit rolling hash table (8x8bytes) at its heart to mix together pre-defined parameters in a way that allows the cipher to produce encoded output that is locked to a key of arbitrary length without padding. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • Catch Bugs Before Your Customers Do Icon
    Catch Bugs Before Your Customers Do

    Real-time error alerts, performance insights, and anomaly detection across your full stack. Free 30-day trial.

    Move from alert to fix before users notice. AppSignal monitors errors, performance bottlenecks, host health, and uptime—all from one dashboard. Instant notifications on deployments, anomaly triggers for memory spikes or error surges, and seamless log management. Works out of the box with Rails, Django, Express, Phoenix, Next.js, and dozens more. Starts at $23/month with no hidden fees.
    Try AppSignal Free
  • 5

    RIPS - PHP Security Analysis

    Free Static Code Analysis Tool for PHP Applications

    RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org). NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/
    Downloads: 6 This Week
    Last Update:
    See Project
  • 6
    Network Tracking Database

    Network Tracking Database

    Track your ARP/MAC table changes and so much more

    The Network Tracking Database (NetDB for short) tracks all changes to the MAC address tables on your switches and the ARP tables on your routers over time stored in MySQL. It supports extensive switch, VLAN and vendor code reports from a CLI or Web App. NetDB can generate CSV reports, track the usage of static IP addresses, record neighbor discovery data and much more. There is now a VM "appliance" with easier upgrades available in the Files section. See the http://netdbtracking.sourceforge.net for more details.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 7

    BTCore

    A Collection of Useful Java/Swing Code

    NEWEST FEATURE ---------- Added one line ".zip" extraction to Util class! Added one line ".zip" extraction from URL (web) and one line file download from URL! BTCore is a library that was designed to be used with all of Banotech's software. It includes a tremendous amount of code snippets and classes that have been boiled down to allow ease of use by everyone. BTCore is, and always will be FREE. It has tools that we scrapped together over our last few projects, and that we found...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8
    FACPL - Access control policies

    FACPL - Access control policies

    A Java library for Attribute-based Access Control Policies

    FACPL: a Java-based library for the specification and enforcement of Access Control policies - Attribute-based Access Control Policies - Advanced features for the management of, e.g., combining algorithms and missing attributes - Generation of XACML code starting from FACPL code - Generation of FACPL code starting from XACML code Source Code: https://github.com/andreamargheri/FACPL/
    Downloads: 0 This Week
    Last Update:
    See Project
  • 9
    Web Application Protection

    Web Application Protection

    Tool to detect and correct vulnerabilities in PHP web applications

    ...WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • Gemini 3 and 200+ AI Models on One Platform Icon
    Gemini 3 and 200+ AI Models on One Platform

    Access Google's best plus Claude, Llama, and Gemma. Fine-tune and deploy from one console.

    Build generative AI apps with Vertex AI Studio. Switch between models without switching platforms.
    Start Free
  • 10
    theZoo

    theZoo

    A repository of LIVE malwares for malware analysis and security

    theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev. theZoo’s purpose is to allow the study of malware and enable people who are interested in malware analysis (or maybe...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 11
    ESSPEE - Penetration Testing & Forensics

    ESSPEE - Penetration Testing & Forensics

    (Android Forensics & Malware Analysis Included)

    ESSPEE - Extreme Security Scanning Penetration testing & Exploitation Environment Ubuntu 12.04 LTS (Precise Pangolin) is purposefully selected as the base Operating System to obtain supports from Ubuntu for a long duration (till Apr 2017). It is packed with featured security tools with very less resource consumption and higher degree of stability. Thanks to Back Track, Blackbuntu, CAINE and DEFT and many others for inspiration. Being a sole developer to this distro, I wish it...
    Leader badge
    Downloads: 1 This Week
    Last Update:
    See Project
  • 12
    DEEEP

    DEEEP

    Detector of Integer Vulnerabilities in Software Portability

    DEEEP is a open source static analysis tool to detect, in C programs, integer vulnerabilities caused by the bad adaption of aplications from ILP32 to LP64. It uses the tools Lint and Splint, and runs over Open Solaris and Linux operating systems. This tool semantically analyses source code. More precisely, it does type checking, data-flow analysis, and it automatically correlates the results of these two types of analysis.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 13
    PHParser

    PHParser

    A Lexer and a Parser to PHP scripts

    PHParser 1.2 generates a pure Java parser for PHP programs. Invoking this parser yields an explicit parse tree (AST) and a tree walker suitable for further analysis. This tool package is based upon: - ANTLR 3.2 or higher (www.antlr.org). - JDK 1.6 or higher (java.sun.com). - Grammar specifications of PHP 5.3.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14

    Free-SA

    Free-SA is report generating tool for web, proxy and mail log files

    Free-SA is logs processor and report generating tool. It can be used to control traffic usage, to evaluate conformance to the Internet access security policies, to investigate security incidents, to evaluate web server efficiency and to detect troubles with server configuration.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 15

    Forensic Scripts

    Forensic scripts for evidence acquisitions, analysis and more

    This project contains various scripts and code snippets that can easily be deployed by an incident responder or forensic analyst to aid them in either acquiring or analyzing critical data. You can contact me at: interrupt08@users.sf.net or visit my blog, fork(), at https://forksec.wordpress.com/
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16

    NetStress-NG

    NetStress is a DDoS and network stress testing tool.

    Syn Flood Attacks SYNFlood with static source port SYNFlood with random source port SYNFlood with static source ip address SYNFlood with random source address SynFlood with fragmented packets ACK Flood Attacks ACK Flood with static source port ACK Flood with random source port ACK Flood with static source ip address ACK Flood with random source address ACK Flood with fragmented packets FIN Flood Attacks FIN Flood with static source port FIN Flood with random source port FIN Flood with static source ip address FIN Flood with random source address FIN Flood with fragmented packets UDP Flood Attacs Static source port udp flood UDP flood with random source port UDP Flood with static source ip address UDP Flood with random source address UDP Flood with fragmented packets ICMP Flood ICMP Flood with all options random(source ip, icmp type, code) HTTP Flood ... ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 17

    Substitution Cipher Decryption

    Decrypt messages encrypted with a substitution cipher

    ...Ciphertext can be modified at any point of the process. • Easy location of corresponding characters in the ciphertext and the substituted text by selection. • Fast frequency analysis for single letters, bigrams, trigrams and quadgrams (more N -grams can be made available by adding a single line of code). • Showing the most common letters (bi-/trigrams) in the ciphertext compared to the most common letters (bi-/trigrams) in the British English language. • Easy assignment and change of the substitution letters...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18

    Post Memory Corruption Memory Analysis

    PMCMA - Post Memory Corruption Memory Analysis

    Pmcma is a tool aimed at automating the most time consuming taskes of exploitation. It for instance determine why an application is triggering a segmentention fault, evaluate if the faulting instruction can be used to write to memory or execute arbitrary code, and list all the function pointers potentially called from a given point in time by an application. Pmcma is a totally new kind of debugger, which allows for easy experimentation with a process in memory by forcing it to fork. The...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    CesTa (Code Enhancing Security Transformation and Analysis) is a tool for enhancing security by program transformations. Focused on Smart Cards (Java Card in particular), powered by Ant, ANTLR and StringTemplates.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    REL (Research and Education Language) is a simple but very powerfull language with a compiler, an interpreter and a verifier.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.
    Downloads: 9 This Week
    Last Update:
    See Project
  • 23
    This project aims to develop a prototype system that explores how we should re-invision computer system design based on changes in how people get the software that they run, as well as advances in static analysis of software.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 24
    using PHP (and some ShellScript) to protect your linux server against bruke force attacks(http://en.wikipedia.org/wiki/Brute_force_attack). also keep a log in MySQL and have email reporting
    Downloads: 0 This Week
    Last Update:
    See Project
  • 25
    "mASN1" - mini ASN.1 framework is a light ASN.1 framework written in C# for .NET framework. It can be used for creating classes that model ASN.1 types and are capable of encoding/decoding themselves to BER/DER codes. PER support is planned.
    Downloads: 0 This Week
    Last Update:
    See Project
MongoDB Logo MongoDB