Static Analysis
Explore 88 curated cybersecurity tools, with 15,070 visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to build security programs
Get Featured
Feature your product and reach thousands of professionals.
SAST scanner for identifying security vulnerabilities in source code
SAST scanner for identifying security vulnerabilities in source code
Open source license compliance dataset for detecting code snippets & obligations
Open source license compliance dataset for detecting code snippets & obligations
AI-driven malware sandbox for detecting evasive threats and zero-day attacks
AI-driven malware sandbox for detecting evasive threats and zero-day attacks
Malware analysis platform for detecting and analyzing threats via sandbox
Malware analysis platform for detecting and analyzing threats via sandbox
SAST tool that detects vulnerabilities and malicious code in custom source code
SAST tool that detects vulnerabilities and malicious code in custom source code
AI-powered reverse engineering tool for analyzing compiled binaries
AI-powered reverse engineering tool for analyzing compiled binaries
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
A software supply chain security platform that analyzes binaries and software components to detect malware, vulnerabilities, exposed secrets, and tampering throughout the development lifecycle.
A software supply chain security platform that analyzes binaries and software components to detect malware, vulnerabilities, exposed secrets, and tampering throughout the development lifecycle.
SAST tool that analyzes source code for vulnerabilities using virtual compilers
SAST tool that analyzes source code for vulnerabilities using virtual compilers
AI-powered SAST tool for code auditing, vulnerability detection, and remediation
AI-powered SAST tool for code auditing, vulnerability detection, and remediation
AI-driven code analysis tool for API discovery and vulnerability detection
AI-driven code analysis tool for API discovery and vulnerability detection
A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.
A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.
AI-powered automated code security remediation bot for vulnerability fixes
AI-powered automated code security remediation bot for vulnerability fixes
AI-native SAST tool providing contextual code security analysis in pull requests
AI-native SAST tool providing contextual code security analysis in pull requests
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
A Burp Suite extension that passively scans JavaScript files to discover endpoint links and potential attack surfaces in web applications.
A Burp Suite extension that passively scans JavaScript files to discover endpoint links and potential attack surfaces in web applications.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A tool for scanning Adobe Experience Manager instances for potential security vulnerabilities
A tool for scanning Adobe Experience Manager instances for potential security vulnerabilities
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
Binsequencer automatically generates YARA detection rules by analyzing collections of similar malware samples and identifying common x86 instruction sequences across the corpus.
Binsequencer automatically generates YARA detection rules by analyzing collections of similar malware samples and identifying common x86 instruction sequences across the corpus.
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
