Dynamic program analysis is the analysis of computer software that is performed by executing programs on a real or virtual processor. For dynamic program analysis to be effective, the target program must be executed with sufficient test inputs to produce interesting behavior. Use of software testing measures such as code coverage helps ensure that an adequate slice of the program's set of possible behaviors has been observed. Also, care must be taken to minimize the effect that instrumentation has on the execution (including temporal properties) of the target program. Inadequate testing can lead to catastrophic failures similar to the maiden flight of the Ariane 5 rocket launcher where dynamic execution errors (run time error) resulted in the destruction of the vehicle.
Cenzic: publishes a line of dynamic application security tools that scans web applications for security vulnerabilities.
ClearSQL: is a review and quality control and a code illustration tool for PL/SQL.
CodeDynamics includes a multi-process debugger that support dynamic data and memory analysis. It gives a graphic view of how your memory is used without needing to recompile it and is developed by Rogue Wave Software.
Daikon (system) is an implementation of dynamic invariant detection. Daikon runs a program, observes the values that the program computes, and then reports properties that were true over the observed executions, and thus likely true over all executions.
Dmalloc, library for checking memory allocation and leaks. Software must be recompiled, and all files must include the special C header file dmalloc.h.
DynInst is a runtime code-patching library that is useful in developing dynamic program analysis probes and applying them to compiled executables. Dyninst does not require source code or recompilation in general, however, non-stripped executables and executables with debugging symbols are easier to instrument.
HP Security Suite is a suite of Tools at various stages of development. QAInspect and WebInspect are generally considered Dynamic Analysis Tools, while DevInspect is considered a static code analysis tool.
IBM Rational AppScan is a suite of application security solutions targeted for different stages of the development lifecycle. The suite includes two main dynamic analysis products - IBM Rational AppScan Standard Edition, and IBM Rational AppScan Enterprise Edition. In addition, the suite includes IBM Rational AppScan Source Edition - a static analysis tool.
OpenPAT statically instruments assembly and bytecodes to call a tool with dynamic execution trace information as the program runs. Used to monitor memory usage, for quality assurance and to model new HPC architectures.
ParasoftInsure++ is runtime memory analysis and error detection tool. Its Inuse component provides a graphical view of memory allocations over time, with specific visibility into overall heap usage, block allocations, possible outstanding leaks, etc.
ParasoftJtest uses runtime error detection to expose defects such as race conditions, exceptions, resource & memory leaks, and security attack vulnerabilities.
Prism from CriticalBlue is an tool that dynamically traces software applications at runtime and captures data that can be used to analyze and identify the causes of poor performance.