🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

ShellCheck, a static analysis tool for shell scripts

An extremely fast Python linter and code formatter, written in Rust.

A tool to enforce Swift style and conventions.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

A PHP parser written in PHP

A static analyzer for Java, C, C++, and Objective-C

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

PHP Static Analysis Tool - discover bugs in your code without running it!

A tool to automatically fix PHP Coding Standards issues

Useful CMake Examples

Defund the Police.

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Dockerfile linter, validate inline bash, written in Haskell

Vulnerability Static Analysis for Containers

Continuous Inspection

A vulnerability scanner for container images and filesystems