Source Code Analysis
Explore 9 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 4 tools
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A device security analysis platform that provides comprehensive vulnerability scanning, SBOM management, and supply chain security monitoring for connected devices and their components.
A device security analysis platform that provides comprehensive vulnerability scanning, SBOM management, and supply chain security monitoring for connected devices and their components.
A static application security testing (SAST) platform that performs comprehensive source code analysis to identify vulnerabilities, malware, and security issues in application code and dependencies.
A static application security testing (SAST) platform that performs comprehensive source code analysis to identify vulnerabilities, malware, and security issues in application code and dependencies.
A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.
A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.
A command-line tool that scans NPM packages and ZIP files to detect exposed secrets and sensitive credentials in source code and configuration files.
A command-line tool that scans NPM packages and ZIP files to detect exposed secrets and sensitive credentials in source code and configuration files.
A code scanning tool that detects and prevents secrets like API keys and credentials from being committed to source code repositories.
A code scanning tool that detects and prevents secrets like API keys and credentials from being committed to source code repositories.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
Insider is a source code analysis tool focusing on OWASP Top 10 vulnerabilities with easy integration into DevOps pipelines.
Insider is a source code analysis tool focusing on OWASP Top 10 vulnerabilities with easy integration into DevOps pipelines.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
A vulnerable web site in NodeJS for testing security source code analyzers.
A vulnerable web site in NodeJS for testing security source code analyzers.