Alternatives and similar repositories for static-analysis

Users that are interested in static-analysis are comparing it to the libraries listed below

• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,157Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆12,061Updated this week
• secfigo / Awesome-Fuzzing
  A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on…
  ☆5,571Updated last year
• koalaman / shellcheck
  ShellCheck, a static analysis tool for shell scripts
  ☆37,739Updated 2 months ago
• alebcay / awesome-shell
  A curated list of awesome command-line frameworks, toolkits, guides and gizmos. Inspired by awesome-php.
  ☆34,757Updated 10 months ago
• trufflesecurity / trufflehog
  Find, verify, and analyze leaked credentials
  ☆19,894Updated this week
• google / clusterfuzz
  Scalable fuzzing infrastructure.
  ☆5,418Updated this week
• dylanaraps / pure-bash-bible
  📖 A collection of pure bash alternatives to external processes.
  ☆39,572Updated last year
• future-architect / vuls
  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
  ☆11,666Updated this week
• gitleaks / gitleaks
  Find secrets with Gitleaks 🔑
  ☆21,462Updated last week
• slimtoolkit / slim
  Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it …
  ☆21,928Updated this week
• facebook / pyre-check
  Performant type-checking for python.
  ☆7,058Updated last week
• yandex / gixy
  Nginx configuration static analyzer
  ☆8,485Updated 11 months ago
• hadolint / hadolint
  Dockerfile linter, validate inline bash, written in Haskell
  ☆11,346Updated this week
• cs01 / gdbgui
  Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, a…
  ☆10,120Updated 2 weeks ago
• michenriksen / gitrob
  Reconnaissance tool for GitHub organizations
  ☆6,042Updated 2 years ago
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,719Updated this week
• paragonie / awesome-appsec
  A curated list of resources for learning about application security
  ☆6,584Updated 4 months ago
• dbohdan / structured-text-tools
  A list of command-line tools for manipulating structured text data
  ☆7,049Updated 4 months ago
• facebook / infer
  A static analyzer for Java, C, C++, and Objective-C
  ☆15,283Updated this week
• osquery / osquery
  SQL powered operating system instrumentation, monitoring, and analytics.
  ☆22,586Updated last week
• compiler-explorer / compiler-explorer
  Run compilers interactively from your web browser and interact with the assembly
  ☆17,744Updated this week
• Hack-with-Github / Awesome-Hacking
  A collection of various awesome lists for hackers, pentesters and security researchers
  ☆94,930Updated 6 months ago
• Yelp / detect-secrets
  An enterprise friendly way of detecting and preventing secrets in code.
  ☆4,162Updated 4 months ago
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆27,534Updated this week
• getsops / sops
  Simple and flexible tool for managing secrets
  ☆18,917Updated last week
• caramelomartins / awesome-linters
  A community-driven list of awesome linters.
  ☆998Updated 11 months ago
• kdeldycke / awesome-falsehood
  😱 Falsehoods Programmers Believe in
  ☆25,915Updated 3 weeks ago
• sharkdp / fd
  A simple, fast and user-friendly alternative to 'find'
  ☆38,716Updated last week
• google / codesearch
  Fast, indexed regexp search over large file trees
  ☆3,817Updated last month