Eslint Plugin Vue alternatives for AI agents.

TypeScript Compiler API wrapper for static analysis and programmatic code changes.

Converts JavaScript to TypeScript and TypeScript to better TypeScript. 🧫

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

SonarSource Static Analyzer for JavaScript and TypeScript

Validate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.

Codebase intelligence for TypeScript and JavaScript. Free static layer: unused code, duplication, circular deps, complexity hotspots, architecture boundaries. Optional paid runtime layer: hot-path review and cold-path deletion evidence from real production traffic. Rust-native, sub-second, zero-config framework support.

All-in-one devtool to automatically analyze, search and visualize project modules and dependencies from JavaScript, TypeScript (JSX/TSX) and Node.js (ES6, CommonJS)

Node.js dependency tracing utility

GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and various tools.

Protect against malicious open source packages 🤖

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Radare2 and Frida better together.

An extremely fast Python linter and code formatter, written in Rust.

ShellCheck, a static analysis tool for shell scripts

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.