C Static Code Analysis Tools

View 88 business solutions

Browse free open source C Static Code Analysis Tools and projects below. Use the toggles on the left to filter open source C Static Code Analysis Tools by OS, license, language, programming language, and project status.

  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Crowdtesting That Delivers | Testeum Icon
    Crowdtesting That Delivers | Testeum

    Unfixed bugs delaying your launch? Test with real users globally – check it out for free, results in days.

    Testeum connects your software, app, or website to a worldwide network of testers, delivering detailed feedback in under 48 hours. Ensure functionality and refine UX on real devices, all at a fraction of traditional costs. Trusted by startups and enterprises alike, our platform streamlines quality assurance with actionable insights.
    Click to perfect your product now.
  • 1
    AWS IoT Device Defender Library

    AWS IoT Device Defender Library

    Client library for using AWS IoT Defender service on embedded devices

    The Device Defender library enables you to send device metrics to the AWS IoT Device Defender Service. This library also supports custom metrics, a feature that helps you monitor operational health metrics that are unique to your fleet or use case. For example, you can define a new metric to monitor the memory usage or CPU usage on your devices. This library has no dependencies on any additional libraries other than the standard C library, and therefore, can be used with any MQTT client library. This library is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone static code analysis using Coverity static analysis.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 2
    AWS IoT Fleet Provisioning Library

    AWS IoT Fleet Provisioning Library

    Client library for using AWS IoT Fleet Provisioning service

    The Fleet Provisioning library enables you to provision IoT devices without device certificates using the Fleet Provisioning feature of AWS IoT Core. For an overview of provisioning options available, see Device provisioning. This library has no dependencies on any additional libraries other than the standard C library, and therefore, can be used with any MQTT library. This library is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone static code analysis using Coverity static analysis, and validation of memory safety through the CBMC automated reasoning tool.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    AWS IoT Jobs library

    AWS IoT Jobs library

    Client library for using AWS IoT Jobs service on embedded devices

    The AWS IoT Jobs library helps you notify connected IoT devices of a pending Job. A Job can be used to manage your fleet of devices, update firmware and security certificates on your devices, or perform administrative tasks such as restarting devices and performing diagnostics. It interacts with the AWS IoT Jobs service using MQTT, a lightweight publish-subscribe protocol. This library provides a convenience API to compose and recognize the MQTT topic strings used by the Jobs service. The library is written in C compliant with ISO C90 and MISRA C:2012, and is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone both static code analysis from Coverity.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 4
    AWS IoT Over-the-air Update Library

    AWS IoT Over-the-air Update Library

    Manage the notification of a newly available update

    The OTA library enables you to manage the notification of a newly available update, download the update, and perform cryptographic verification of the firmware update. Using the library, you can logically separate firmware updates from the application running on your devices. The OTA library can share a network connection with the application, saving memory in resource-constrained devices. In addition, the OTA library lets you define application-specific logic for testing, committing, or rolling back a firmware update. The library supports different application protocols like Message Queuing Telemetry Transport (MQTT) and Hypertext Transfer Protocol (HTTP), and provides various configuration options you can fine-tune depending on network type and conditions. This library is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8.
    Downloads: 0 This Week
    Last Update:
    See Project
  • No-Nonsense Code-to-Cloud Security for Devs | Aikido Icon
    No-Nonsense Code-to-Cloud Security for Devs | Aikido

    Connect your GitHub, GitLab, Bitbucket, or Azure DevOps account to start scanning your repos for free.

    Aikido provides a unified security platform for developers, combining 12 powerful scans like SAST, DAST, and CSPM. AI-driven AutoFix and AutoTriage streamline vulnerability management, while runtime protection blocks attacks.
    Start for Free
  • 5
    AWS SigV4 Library

    AWS SigV4 Library

    AWS library to sign AWS HTTP requests with Signature Version 4

    The AWS SigV4 Library is a standalone library for generating authorization headers and signatures according to the specifications of the Signature Version 4 signing process. Authorization headers are required for authentication when sending HTTP requests to AWS. This library can optionally be used by applications sending direct HTTP requests to AWS services requiring SigV4 authentication. This library has no dependencies on any additional libraries other than the standard C library. This library is distributed under the MIT Open Source License. This library has gone through code quality checks including verification that no function has a GNU Complexity score over 8, and checks against deviations from mandatory rules in the MISRA coding standard. Deviations from the MISRA C:2012 guidelines are documented under MISRA Deviations. This library has also undergone static code analysis using Coverity static analysis, and validation of memory safety through the CBMC automated reasoning tool.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 6

    AutoReplacerPlus

    Automatic correction of software bugs and grammar mistakes

    Automatic correction of software bugs announced in compilers (clang, gcc) / Static Code Analysis tools (cppcheck, FindBugs) and grammar/style errors like in LanguageTool. Usage: use tool (e.g. cppcheck) and store results in a text file. Afterwards call: autoreplacerplus mytextfile
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    bearer

    bearer

    Code security scanning tool (SAST) to discover security risks

    Welcome to the Bearer documentation. Bearer is a static application security testing (SAST) tool that scans your source code and analyzes your data flows to discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD). We provides built-in rules against a common set of security risks and vulnerabilities, known as OWASP Top 10. Leakage of sensitive data through cookies, internal loggers, third-party logging services, and into analytics environments. Usage of weak encryption libraries or misusage of encryption algorithms. Unencrypted incoming and outgoing communication (HTTP, FTP, SMTP) of sensitive information. Non-filtered user input. Hard-coded secrets and tokens. Bearer currently supports JavaScript and Ruby stacks, more will follow. Bearer's scanners and reports are your path to analyzing security risks and vulnerabilities in your application.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • Next
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.