Flawfinder

Flawfinder is a program that examines C source code and reports possible security weaknesses (``flaws'') sorted by risk level. It's very useful for quickly finding and removing some security problems before a program is widely released.

Features

Easy to use
Easy to install
Reports on a number of different types of vulnerabilities
CWE compatible
Earned CII Best Practices badge
No cost
Open source software with OSI-approved license
Works even if you can't build the software

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 2.0 (GPLv2)

Follow Flawfinder

Flawfinder Web Site

Other Useful Business Software

Gen AI apps are built with MongoDB Atlas

The database for AI-powered applications.

MongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.

Start Free

Rate This Project

User Ratings

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

User Reviews

Filter Reviews:

All

squinky86 Posted 2017-09-07

Flawfinder gives you a quick first-look at where issues in C/C++ code may be lurking. Its ease of use, friendly development team, and range of detected software weaknesses make it the best value for a quick static analysis scan.

Additional Project Details

Languages

English

Intended Audience

Developers

User Interface

Command-line

Programming Language

Python, C

Related Categories

Python QA Automation Software, C QA Automation Software

Registered

2007-01-15

Similar Business Software

Parasoft

Parasoft helps organizations continuously deliver high-quality software with its AI-powered software testing platform and automated test solutions. Supporting embedded and enterprise markets, Parasoft’s proven technologies reduce the time, effort, and cost of delivering secure, reliable, and...

See Software
Windsurf Editor

The Windsurf Editor is a free AI-powered IDE and AI coding assistant that accelerates development by providing intelligent code generation and agents in over 70 programming languages and more than 40 IDEs, including VSCode, JetBrains, and Jupyter Notebooks. With Windsurf, developers can write...

See Software
Cython

Cython is an optimizing static compiler for both the Python programming language and the extended Cython programming language (based on Pyrex). It makes writing C extensions for Python as easy as Python itself. Cython gives you the combined power of Python and C to let you write Python code that...

See Software