source-code-auditing-tools
Category: Automatic programming
Development tool: Others
File size: 0KB
Downloads: 0
Upload date: 2024-02-07 17:31:36
Uploader: sh-1993
Description: A collection of source code static analysis and security auditing tools for various scripting and programming languages which can be used during security assessments.
# Source Code Auditing Tools
A collection of source code static analysis and security auditing tools for various scripting and programming languages which can be used during security assessments.
## Go
| Name | Description | URL |
|:-:|:-:|:-:|
| Glasgo | A static analysis tool intended to check for potential security issues. | [https://github.com/ttarvis/glasgo](https://github.com/ttarvis/glasgo) |
| gosec | Inspects source code for security problems by scanning the Go AST. | [https://github.com/securego/gosec](https://github.com/securego/gosec) |
| go-mod-outdated | An easy way to find outdated dependencies of your Go projects. | [https://github.com/psampaz/go-mod-outdated](https://github.com/psampaz/go-mod-outdated) |
| SafeSQL | SafeSQL is a static analysis tool for Go that protects against SQL injections. | [https://github.com/stripe/safesql](https://github.com/stripe/safesql) |
| Nancy | Nancy is a tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index. It also works with Nexus IQ Server, allowing you a smooth experience as a Golang developer, using the best tools in the market! | [https://github.com/sonatype-nexus-community/nancy](https://github.com/sonatype-nexus-community/nancy) |
## PHP
| Name | Description | URL |
|:-:|:-:|:-:|
| Psalm | Psalm is a static analysis tool for finding errors in PHP applications. | [https://github.com/vimeo/psalm](https://github.com/vimeo/psalm) |
| PHPStan | PHPStan focuses on finding errors in your code without actually running it. | [https://github.com/phpstan/phpstan](https://github.com/phpstan/phpstan) |
| Larastan | Larastan is a PHPStan wrapper for Laravel and focuses on finding errors in your code without actually running it. | [https://github.com/nunomaduro/larastan](https://github.com/nunomaduro/larastan) |
| RIPS | RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. | [http://rips-scanner.sourceforge.net/](http://rips-scanner.sourceforge.net/) |
## Java
| Name | Description | URL |
|:-:|:-:|:-:|
| Pixee | Pixeebot finds security and code quality issues in your code and creates merge-ready pull requests with recommended fixes. | [https://pixee.ai](https://pixee.ai) |
## Python
| Name | Description | URL |
|:-:|:-:|:-:|
| Pixee | Pixeebot finds security and code quality issues in your code and creates merge-ready pull requests with recommended fixes. | [https://pixee.ai](https://pixee.ai) |
# Contributions
The list of available tools is in no way exhaustive.
There are still many popular languages like C, C++ and Java missing from the list.
Feel free to contribute by adding any relevant source code auditing tools to this repository by creating a pull request.