Source Code Analysis
Browse 30 source code analysis tools
FEATURED
SAST tool for finding code quality & security defects in large-scale software
SAST tool for finding code quality & security defects in large-scale software
SAST tool that identifies vulnerabilities in source code across 30+ languages
SAST tool that identifies vulnerabilities in source code across 30+ languages
Source code diversification tool that creates program variants with diversity
Source code diversification tool that creates program variants with diversity
SAST tool for continuous source code vulnerability scanning and remediation
SAST tool for continuous source code vulnerability scanning and remediation
SAST tool using virtual compilers to analyze source code for vulnerabilities
SAST tool using virtual compilers to analyze source code for vulnerabilities
SAST tool using virtual compilers to analyze source code for vulnerabilities
SAST tool using virtual compilers to analyze source code for vulnerabilities
AI-driven SAST tool using virtual compilers for source code analysis
AI-driven SAST tool using virtual compilers for source code analysis
SAST tool for identifying security vulnerabilities in source code
SAST tool for identifying security vulnerabilities in source code
SAST tool that identifies security and quality issues in source code
SAST tool that identifies security and quality issues in source code
SAST engine that scans code commits for security vulnerabilities
SAST engine that scans code commits for security vulnerabilities
Detects and prevents source code leakage and suspicious behavior.
Detects and prevents source code leakage and suspicious behavior.
SAST scanner for identifying security vulnerabilities in source code
SAST scanner for identifying security vulnerabilities in source code
Identifies cryptographic algorithms and libraries in code for compliance
Identifies cryptographic algorithms and libraries in code for compliance
SAST tool that analyzes source code for vulnerabilities using virtual compilers
SAST tool that analyzes source code for vulnerabilities using virtual compilers
Code quality and security platform with SAST, SCA, and AI-powered remediation
Code quality and security platform with SAST, SCA, and AI-powered remediation
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
AI-powered SAST tool that finds and auto-fixes code vulnerabilities in real-time
AI-powered SAST tool that finds and auto-fixes code vulnerabilities in real-time
Static application security testing tool for source code vulnerability scanning
Static application security testing tool for source code vulnerability scanning
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
Betterscan is an orchestration toolchain that coordinates multiple security tools to scan source code and infrastructure as code for security vulnerabilities, compliance risks, secrets, and misconfigurations.
Betterscan is an orchestration toolchain that coordinates multiple security tools to scan source code and infrastructure as code for security vulnerabilities, compliance risks, secrets, and misconfigurations.
