Yasca

Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code, integrating with other open-source tools as needed.

Yasca has been migrated to Github, and is available at http://scovetta.github.com/yasca and http://github.com/scovetta/yasca.

Features

Scans program source code for vulnerabilities
Integrates with FindBugs, PMD, JLint, and other scanners
Works on Windows and Linux

Project Samples

Project Activity

See All Activity >

License

BSD License, GNU General Public License version 2.0 (GPLv2), GNU Library or Lesser General Public License version 2.0 (LGPLv2)

Follow Yasca

Yasca Web Site

Other Useful Business Software

Stop Cyber Threats with VM-Series Next-Gen Firewall on Azure

Native application identity and user-based security for your Azure cloud

Gain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.

Get a free trial

Rate This Project

User Ratings

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:

All

robertcorreia Posted 2013-06-13

Great stuff.

1 user found this review helpful.
uponmusic Posted 2013-04-26

Never had any problems with it. Highly recommended!

1 user found this review helpful.

Additional Project Details

Intended Audience

Developers, Financial and Insurance Industry, Information Technology, Quality Engineers

User Interface

Console/Terminal

Programming Language

Java, PHP

Database Environment

MySQL, SQLite

Related Categories

PHP Software Testing Tool, PHP QA Automation Software, Java Software Testing Tool, Java QA Automation Software

Registered

2008-02-28

Similar Business Software

Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Windsurf Editor

The Windsurf Editor is a free AI-powered IDE and AI coding assistant that accelerates development by providing intelligent code generation and agents in over 70 programming languages and more than 40 IDEs, including VSCode, JetBrains, and Jupyter Notebooks. With Windsurf, developers can write...

See Software
Apify

Apify is a full-stack web scraping and automation platform helping anyone get value from the web. At its core is Apify Store, a marketplace with over 10,000 Actors where developers build, publish, and monetize automation tools. Actors are serverless cloud programs that extract data, automate...

See Software
Parasoft

"Parasoft delivers an AI‑powered software testing platform that helps organizations continuously release high‑quality software. Our solutions support embedded and enterprise teams by integrating code analysis, testing, virtualization, and coverage into the delivery pipeline to improve security,...

See Software
Grafana Cloud

Grafana Labs delivers the leading AI-powered observability platform, built around Grafana—the world’s most widely adopted open source technology for dashboards and visualization. Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Observability Platforms, Grafana Labs supports more...

See Software
SurveyJS

SurveyJS is a product family of four open-source JavaScript libraries that provide you with all the advantages of a custom-built in-house survey application while significantly reducing time-to-market and resources required to get the system up and running. The libraries are compatible with most...

See Software