Jump to content

User:Nickj/List of tools for static code analysis

From Wikipedia, the free encyclopedia

Anyone is welcome to constructively update this user-page with new information; However if you wish to delete it please email me first, and I will move it off-site.

This is a list of software tools that perform various kinds of static code analysis, grouped by programming language and in alphabetical order:

  • [1] reverse engineering, code navigation, and metrics tool

C and/or C++

[edit]
  • JSLint - An online tool which you can also download and run from command line
  • Javascript Lint - A lint like tool for javascript written in C/C++ and based on JavaScript engine for the Firefox browser.
  • JavaScript Reporter - A static JavaScript analyzer/verifier.
  • CloneDR for JavaScript Detects exact and near-miss duplicate code across large code bases.
  • Fortify [2] - See Fortify Source Code Analysis.
  • http://code.google.com/intl/de-DE/closure/compiler/
  • jsmeter - Javascript code metrics through static analysis. Includes Cyclomatic Complexity, Halstead Metrics, Maintainability Index, etc...
  • Security Reviewer 100+ Rules Specialized for JavaScript and 100+ of Frameworks covered. OWASP, CWE standards. 200+ Quality Metrics. Best Practices. SQALE dashboard.
  • Tcl Cruncher

Not language-specific

[edit]
  • PAG and PAG/WWW - The Program Analyzer Generator, not for a specific language, but for building analyzers.
  • StackAnalyzer - Stack Usage Analysis.
  • CodeHawk™
  • DMS Software Reengineering Toolkit System for implementing custom static analysis tools, with many industrial strength parsers and flow analysis capabilities. Front ends for many langauges/dialects.

Unknown language

[edit]
  • Broadway
  • SLAM
  • BOON
  • Kaylo
[edit]