Open Source Source Code Analysis Tools

google-java-format is a program that reformats Java source code to comply with Google Java Style. The formatter can act on whole files, on limited lines, on specific offsets, passing through to standard-out (default) or altered in-place. There is no configurability as to the formatter's algorithm for formatting. This is a deliberate design decision to unify our code formatting on a single format. The formatter can be used in software that generates java to output more legible java code. Just include the library in your maven/gradle/etc. configuration. A google-java-format IntelliJ plugin is available from the plugin repository. To install it, go to your IDE's settings and select the Plugins category. Click the Marketplace tab, search for the google-java-format plugin, and click the Install button.

ShellCheck is a GPLv3 tool that provides warnings and possible suggestions for bash/sh shell scripts. ShellCheck finds bugs in your shell scripts. You can cabal, apt, dnf, pkg or brew install it locally right now. ShellCheck highlights and clarifies typical beginner's syntax mistakes and issues that cause a shell to give a cryptic error message. It shows typical intermediate level semantic problems that cause a shell to behave in a abnormally and counter-intuitively. It can also discover ssubtle caveats, corner cases and pitfalls that may cause an user's working script to fail under probable future circumstances. ShellCheck.net is always synchronized to the latest git version, and is the simplest way to give ShellCheck a go.

Static code analysis tool you need for your HTML. By default, htmlhint looks for a .htmlhintrc file in the current directory and all parent directories and applies its rules when parsing a file.

Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applications.

Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance. Infer checks for null pointer exceptions, resource leaks, annotation reachability, missing lock guards, and concurrency race conditions in Android and Java code. Infer checks for null pointer dereferences, memory leaks, coding conventions and unavailable API’s. Start with the Getting Started guide and our other docs to download and try Infer yourself. Infer is still evolving, and we want to continue to develop it in the open. We hope it will be useful for other projects, so please try it out or contribute to it, join the community and give us feedback!

WELCOME TO THE SPLOITFRAMEWORK SPLOIT COMES WITH A PAYLOAD OF THINGS FOR ALL YOUR HACKING NEEDS, SUCH AS 1. Email Phishing 2. Spear Phishing 3. Spoofing 4. Credential Harvester 5. Kayloggers 6. Tabnabbing And More . . .

A command-line Python utility to mine information on open source projects using the ohloh web service APIs. The script is enables analysis of open source projects indexed by ohloh by providing source lines of code (SLOC), contributor data and other info.

Tiny 500b fetch "barely-polyfill". With a module bundler like rollup or webpack, you can import unfetch to use in your code without modifying any globals. While one of Unfetch's goals is to provide a familiar interface, its API may differ from other fetch polyfills/ponyfills. One of the key differences is that Unfetch focuses on implementing the fetch() API, while offering minimal (yet functional) support to the other sections of the Fetch spec, like the Headers class or the Response class. Uses simple arrays instead of iterables, since arrays are iterables. No streaming, just Promisifies existing XMLHttpRequest response bodies. Use in Node.JS is handled by isomorphic-unfetch.