Alternatives and similar repositories for static-analysis

Users that are interested in static-analysis are comparing it to the libraries listed below

• Yelp / detect-secrets
  An enterprise friendly way of detecting and preventing secrets in code.
  ☆4,305Updated 8 months ago
• google / oss-fuzz
  OSS-Fuzz - continuous fuzzing for open source software.
  ☆11,559Updated last week
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,852Updated last week
• caramelomartins / awesome-linters
  A community-driven list of awesome linters.
  ☆1,036Updated last year
• facebook / watchman
  Watches files and records, or triggers actions, when they change.
  ☆13,351Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆13,366Updated this week
• docker / docker-bench-security
  The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…
  ☆9,522Updated last year
• secfigo / Awesome-Fuzzing
  A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on…
  ☆5,672Updated last year
• thoughtworks / talisman
  Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…
  ☆2,046Updated last week
• yandex / gixy
  Nginx configuration static analyzer
  ☆8,539Updated last year
• joho / awesome-code-review
  An "Awesome" list of code review resources - articles, papers, tools, etc
  ☆4,748Updated last year
• facebook / infer
  A static analyzer for Java, C, C++, and Objective-C
  ☆15,436Updated this week
• AGWA / git-crypt
  Transparent file encryption in git
  ☆9,226Updated last month
• awslabs / git-secrets
  Prevents you from committing secrets and credentials into git repositories
  ☆13,043Updated 2 months ago
• reviewdog / reviewdog
  🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
  ☆8,830Updated this week
• snyk / cli
  Snyk CLI scans and monitors your projects for security vulnerabilities.
  ☆5,315Updated this week
• osquery / osquery
  SQL powered operating system instrumentation, monitoring, and analytics.
  ☆22,866Updated 2 weeks ago
• src-d / hercules
  Gaining advanced insights from Git repository history.
  ☆2,741Updated 2 years ago
• hadolint / hadolint
  Dockerfile linter, validate inline bash, written in Haskell
  ☆11,671Updated 3 weeks ago
• gitleaks / gitleaks
  Find secrets with Gitleaks 🔑
  ☆23,930Updated 2 weeks ago
• draios / sysdig
  Linux system exploration and troubleshooting tool with first class support for containers
  ☆8,129Updated 8 months ago
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆5,145Updated this week
• google / fuzzing
  Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
  ☆3,721Updated last year
• huginn / huginn
  Create agents that monitor and act on your behalf. Your agents are standing by!
  ☆48,055Updated this week
• google / clusterfuzz
  Scalable fuzzing infrastructure.
  ☆5,492Updated this week
• aalhour / awesome-compilers
  Curated list of awesome resources on Compilers, Interpreters and Runtimes
  ☆9,538Updated last year
• tj / git-extras
  GIT utilities -- repo summary, repl, changelog population, author commit percentages and more
  ☆17,866Updated 3 weeks ago
• google / syzkaller
  syzkaller is an unsupervised coverage-guided kernel fuzzer
  ☆5,904Updated this week
• StackExchange / blackbox
  Safely store secrets in Git/Mercurial/Subversion
  ☆6,762Updated 2 weeks ago
• k4m4 / terminals-are-sexy
  💥 A curated list of Terminal frameworks, plugins & resources for CLI lovers.
  ☆12,743Updated last year