7 projects tagged "static analysis"
Updated 04 Oct 2012
Frama-C
| Pop | 117.30 |
|---|---|
| Vit | 7.16 |
Frama-C is a suite of tools dedicated to the analysis of the source code of software written in C. Frama-C gathers several static analysis techniques in a single collaborative framework. The collaborative approach allows static analyzers to build upon the results already computed by other analyzers in the framework. It provides sophisticated tools, such as a slicer and dependency analysis.
Updated 06 May 2013
CoFlo
| Pop | 91.67 |
|---|---|
| Vit | 2.08 |
CoFlo is a source code analysis tool that generates and analyzes control flow graphs from C and C++ sources. Control flow graphs can be output in graphical or textual format.
Updated 05 Jul 2012
Lua for IntelliJ IDEA
| Pop | 54.36 |
|---|---|
| Vit | 2.00 |
Lua for IntelliJ IDEA is a plugin that provides support for semantic aware editing of Lua language programs in IntelliJ IDEA. It includes many useful features such as code formatting, semantic identifier coloring, code inspection and refactoring, and much more.
Updated 06 Aug 2009
Goanna
| Pop | 48.99 |
|---|---|
| Vit | 1.78 |
Goanna is an Eclipse plugin that does static analysis of C/C++ source code with model checking. It detects many instances of null pointer de-referencing, double free(), buffer overruns, uninitialized variables, and other common programming mistakes.
Updated 22 May 2012
shanal
| Pop | 38.14 |
|---|---|
| Vit | 1.47 |
shanal provides a modular framework for static analysis of scripts in bash, basic plugins for analysis, and a simple application which uses the framework.
Updated 26 Mar 2013
ThreadFix
| Pop | 84.37 |
|---|---|
| Vit | 1.35 |
ThreadFix is a software vulnerability aggregation and management system that reduces the time it takes to fix software vulnerabilities. It imports the results from dynamic, static, and manual testing to provide a centralized view of software security defects across development teams and applications. The system allows companies to correlate testing results and streamline software remediation efforts by simplifying feeds to software issue trackers. By auto-generating application firewall rules, this tool allows organizations to continue remediation work uninterrupted. ThreadFix empowers managers with vulnerability trending reports that show progress over time, giving them justification for their efforts.
Updated 22 Apr 2009
Yasca
| Pop | 37.63 |
|---|---|
| Vit | 1.00 |
Yasca is a program that looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It integrates other open source programs, including FindBugs, PMD, JLint, JavaScript Lint, PHPLint, Cppcheck, and Pixy to scan certain file types, as well as custom scanners written for Yasca. It is a command-line tool, with reports generated in HTML, CSV, XML, SQLite, and other formats.
