back to home

Best Open Source static analysis Libraries

A curated list of the most popular GitHub repositories tagged with static analysis. Select any project to visualize its architecture and dive into the codebase using RepoMind's AI engine.

#1WerWolv/ImHex

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

52,670C++
Analyze Code

#2astral-sh/ruff

An extremely fast Python linter and code formatter, written in Rust.

45,873Rust
Analyze Code

#3koalaman/shellcheck

ShellCheck, a static analysis tool for shell scripts

39,006Haskell
Analyze Code

#4MobSF/Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

20,433JavaScript
Analyze Code

#5realm/SwiftLint

A tool to enforce Swift style and conventions.

19,461Swift
Analyze Code

#6nikic/PHP-Parser

A PHP parser written in PHP

17,409PHP
Analyze Code

#7analysis-tools-dev/static-analysis

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

14,390Rust
Analyze Code

#8semgrep/semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

14,190OCaml
Analyze Code

#9phpstan/phpstan

PHP Static Analysis Tool - discover bugs in your code without running it!

13,829PHP
Analyze Code

#10PHP-CS-Fixer/PHP-CS-Fixer

A tool to automatically fix PHP Coding Standards issues

13,465PHP
Analyze Code

#11rshipp/awesome-malware-analysis

Defund the Police.

13,457
Analyze Code

#12ttroy50/cmake-examples

Useful CMake Examples

13,068CMake
Analyze Code

#13OWASP/mastg

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

12,727Python
Analyze Code

#14ast-grep/ast-grep

⚡A CLI tool for code structural search, lint and rewriting. Written in Rust

12,541Rust
Analyze Code

#15reviewdog/reviewdog

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

9,089Go
Analyze Code

#16checkstyle/checkstyle

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

8,867Java
Analyze Code

#17We5ter/Scanners-Box

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

8,838
Analyze Code

#18securego/gosec

Go security checker

8,690Go
Analyze Code

#19aquasecurity/tfsec

Tfsec is now part of Trivy

6,953Go
Analyze Code

#20detekt/detekt

Static code analysis for Kotlin

6,841Kotlin
Analyze Code

#21dominikh/go-tools

Staticcheck - The advanced Go linter

6,721Go
Analyze Code

#22danmar/cppcheck

static analysis of C/C++ code

6,513C++
Analyze Code