Open Source Source Code Analysis Tools
Sort By:
Source Code Analysis Tools
Browse free open source Source Code Analysis tools and projects for Linux and BSD below. Use the toggles on the left to filter open source Source Code Analysis tools by OS, license, language, programming language, and project status.
-
Get the most trusted enterprise browserDefend against security incidents with Chrome Enterprise. Create customizable controls, manage extensions and set proactive alerts to keep your data and employees protected without slowing down productivity.
-
No-Nonsense Code-to-Cloud Security for Devs | AikidoAikido provides a unified security platform for developers, combining 12 powerful scans like SAST, DAST, and CSPM. AI-driven AutoFix and AutoTriage streamline vulnerability management, while runtime protection blocks attacks.
-
1
Doxygen is a JavaDoc like documentation system for C++, C, Java and IDL.
-
2
PMD
A source code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Salesforce.com Apex, Java, JavaScript, XML, XSL. Additionally it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, PHP, Ruby, Fortran, JavaScript, Matlab, Swift. You can fork us on https://github.com/pmd -
3
cppcheck
Static source code analysis tool for C and C++ code
Static analysis of C/C++ code. Checks for: memory leaks, mismatching allocation-deallocation, buffer overrun, and many more. The goal is 0% false positives. See http://cppcheck.sourceforge.net for more information. -
4
tkdiff
Side-by-side diff viewer, editor and merge preparer
tkdiff is a graphical front end to the diff program. It provides a side-by-side view of the differences between two text files, along with several innovative features such as diff bookmarks, a graphical map of differences for quick navigation, and a facility for slicing diff regions to achieve exactly the merge output desired. -
Secure remote access solution to your private network, in the cloud or on-prem.OpenVPN is here to bring simple, flexible, and cost-effective secure remote access to companies of all sizes, regardless of where their resources are located.
-
5
Eclipse Checkstyle Plug-in
Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs. -
6
Source Navigator NG is a source code analysis tool. With it, you can edit your source code, display relationships between classes and functions and members, and display call trees. You can navigate your source code and easily get to declarations or implementations of functions, variables and macros (commonly called "symbols") which helps you discovering and mapping unknown source code for enhancement or maintenance tasks.
-
7
A general purpose source code indexer and cross-referencer that provides web-based browsing of source code with links to the definition and usage of any identifier. Supports multiple languages. Up-to-date information in http://lxr.sourceforge.net
-
8
UCDetector
Eclipse Plugin to find unused Java code
UCDetector (Unnecessary Code Detector) is a Open Source Eclipse Plugin Tool. UCDetector finds unnecessary (dead) public Java code. It suggests to make code final, protected or private. -
9
Code-warrior
Just another manual code analysis tool and static analysis tool.
Just another manual code analysis tool and static analysis tool. https://github.com/CoolerVoid/codewarrior -
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
10
AdaControl
Ada source code controller
A tool that detects the use of many constructs in Ada programs. Use it to control style or programming rules, but also as a powerful tool to search for use (or non-use) of various forms of programming styles or design patterns. -
11
Diff-ext is an extension for filemanagers such as Windows Explorer and Nautilus that allows to launch diff/merge tools on selected files.
-
12
Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.
-
13
-
14
PASTE
An app for storing code, text & more. A popular Open Source pastebin.
Paste is a PHP application for storing code, text and more. DEMO: https://paste.boxlabs.uk/ Initially forked from the freely available source pastebin.com used before the domain was sold in 2010, lots of improvements have been included over the years such as user accounts and a featureful administration backend. See https://github.com/boxlabss/PASTE/blob/master/docs/CHANGELOG.md -
15
cline
Command line tool for counting source code lines
cline is a command line tool that counts code lines or non-whitespace characters in your project folder. It is designed to recursively find any source file matching specific rules and count the line breaks within that file. You may specify file suffixes to include or exclude as well as regular expressions for code lines that shall be excluded (e.g. to exclude comments). By default a heuristic algorithm skips binary files. You may configure the restrictiveness of this algorithm with command line options. -
16
CvsChangelogBuilder is an utility to generate advanced, differential and/or graphical changelogs, for a project hosted on a CVS server (CVS change log). It provides a better output than the 'cvs log' command, and accept a lot of options.
-
17
Provide metrics calculation and dependency analyzer plugin for the Eclipse platform. Measure metrics with avg and std deviation and detect cycles in package and type dependencies. Continuation of work from http://sourceforge.net/projects/metrics.
-
18
It's a web application which provides a unify solution to stat. CVS/SVN repository modules code change information and generate html reports. User can browse line of change, file of change, code diff, check-in comment and so on, it can stat. more repository modules one time. After repository modules configured, stat. is simple like a search.
-
19
MuLanPa
transfer text in diverse formats into specific xml parser-trees
MuLanPa is a source-analyser with a configurable parser and may be may be used for several programming-languages. Its xml-output should be used for tools like project-browsers or code-viewers like moritz (www.sourceforge.net/projects/moritz/) . -
20
tceetree
Makes a C function call tree as Graphviz DOT file from CScope output.
The purpose of the project is generating a function call tree for a software application written in C. This utility takes as input an uncompressed CScope (http://cscope.sourceforge.net/) output file. With a few options, an output DOT language file can be generated. The DOT file may be used as input for Graphviz (http://www.graphviz.org/) to make an image of the function call tree (see screenshot examples for tceetree run over its sources). For more information, see the Wiki page. -
21
Runtime concurrency analysis for Java. Instruments your Java app at run time, and monitors field access, synchronization and locking, to verify concurrent access is safe.
-
22
CoFlo
C and C++ control flow graph generator and analyzer
CoFlo generates Control-Flow Graphs from C and C++ source code. It can then output the graphs in a number of ways and perform various control flow analyses. NOTE: CoFlo has not been under active development for several years. At this time, I suggest you look into LLVM-based tooling to see if there is anything similar to CoFlo which will meet your needs. -
23
JBVD
Java Bytecode Viewer & Decompiler
A very powerful java bytecode viewer and decompiler which makes use of the javassist open source library. -
24
This is a Super Simple Java Editor written entirely in Java. It allows you to compile and run java programs in an mdi interface with syntax highlighting and easy commenting. Currently in suspended development. Available as a jar and an msi.
-
25
Another Open Source Code Analysis Tool
