Cfn Nag alternatives for AI agents.

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Tfsec is now part of Trivy

A static analysis security vulnerability scanner for Ruby on Rails applications

Code smell detector for Ruby

A Ruby code quality reporter

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

Manage translation and localization with static analysis, for Ruby i18n

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

An extremely fast Python linter and code formatter, written in Rust.

ShellCheck, a static analysis tool for shell scripts

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

A tool to enforce Swift style and conventions.

A static analyzer for Java, C, C++, and Objective-C