Tags: BCA

VisualCodeGrepper

VCG is an automated code security review tool for C++, C#, VB, PHP, Java and PL/SQL which is intended to drastically speed up the code review process by identifying bad/insecure code. It has a few features that should make it useful. In addition to perfo ...

Vendor: npdunn
Pricing Model: Open Source

LAPSE+: The Security Scanner for Java EE Applications

LAPSE+ is a security scanner for detecting vulnerabilities of untrusted data injection in Java EE Applications. It has been developed as a plugin for Eclipse Java Development Environment, working specifically with Eclipse Helios and Java 1.6 or higher. L ...

Vendor: OWASP
Pricing Model: Open Source

DevBug is a basic PHP Static Code Analysis (SCA) tool written mostly in JavaScript. The idea behind DevBug is to make basic PHP Static Code Analysis accessible online, to raise security awareness and to integrate SCA into the development process. DevBug c ...

Vendor: Ryan Dewhurst
Pricing Model: Open Source

Flawfinder is a simple program that examines C/C++ source code and reports possible security weaknesses (“flaws”) sorted by risk level. It’s very useful for quickly finding and removing at least some potential security problems before a program is widely ...

Vendor: David Wheeler
Pricing Model: Open Source

Cppcheck is a static analysis tool for C/C++ code. Unlike C/C++ compilers and many other analysis tools it does not detect syntax errors in the code. Cppcheck primarily detects the types of bugs that the compilers normally do not detect. The goal is to de ...

Vendor: Sourceforge
Pricing Model: Open Source

PVS-Studio is a tool for bug detection in the source code of programs written in C, C++, and C#. It works in Windows and Linux environments. PVS-Studio performs static code analysis and generates a report that helps a programmer find and fix bugs. PVS-St ...

Vendor: Viva64
Pricing Model: Commercial

Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.

Vendor: Justin - presidentbeef
Pricing Model: Open Source

CAT.NET is a command-line tool that helps you identify security flaws within a managed code (C#, Visual Basic .NET, J#) application you are developing. It does so by scanning the binary and/or assembly of the application, and tracing the data flow amon ...

Vendor: Microsoft
Pricing Model: Freeware

Matt.Net is a simple GUI wrapper around Microsoft's CAT.NET Code Auditing Tool. It can be used to locate .NET binaries within a given folder and will run CAT.NET on all relevant binaries. Any security flaws identified are logged in a local database for ...

Vendor: NCC Group Plc
Pricing Model: Freeware

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enabl ...

Vendor: IBM
Pricing Model: Commercial

Veracode Static Analysis is an automated process delivering repeatable results. Veracode Static Analysis (otherwise known as white box testing) can assess the security of microservices, web, mobile and desktop applications. Veracode Static Analysis suppor ...

Vendor: Veracode
Pricing Model: Commercial

Veracode Web Application Scanning (WAS) offers a unified solution to find, secure, and monitor all of your web applications – not just the ones you know about. First, Veracode discovers and inventories all of your external web applications, then performs ...

Vendor: Veracode
Pricing Model: Commercial

The Virtual Scan Appliance (VSA) is a pre-configured virtual appliance that implements our DynamicDS (Deep Scan) engine to probe web applications behind the firewall.

Vendor: Veracode
Pricing Model: Commercial

HP Fortify Source Code Analyzer

HP Fortify Static Code Analyzer scans source code, identifies root causes of software security vulnerabilities and correlates and prioritizes results—giving you line–of–code guidance for closing gaps in your security. To verify that the most serious issue ...

Vendor: HP
Pricing Model: Commercial

HP Fortify Software Security Center Server

With HP Fortify Software Security Center Server, your security and development teams can quickly triage and fix vulnerabilities identified by HP static and dynamic analyzers. A collaborative web-based workspace and repository let them work together using ...

Vendor: HP
Pricing Model: Commercial

HP Fortify on Demand

Fortify on Demand is a cloud-based service. A user uploads the source code, byte code, or binaries of an application, and receives manually reviewed results (generally) in less than 24 hours. Fortify on Demand simplifies the upload process with free autom ...

Vendor: HP
Pricing Model: Service

Synopsys Static Analysis

Synopsys Static Analysis (Coverity) helps reduce risk and lower overall project cost by identifying critical quality defects and potential security vulnerabilities during development and providing reliable, actionable remediation guidance based on patente ...

Vendor: Synopsys, Inc.
Pricing Model: Commercial

OCLint is a static code analysis tool for improving quality and reducing defects by inspecting C, C++ and Objective-C code and looking for potential problems like: Possible bugs - empty if/else/try/catch/finally statements Unused code - unused local v ...

Vendor: OCLint
Pricing Model: Freeware

PMD

PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, XML, XSL. Additionally it includes CPD, the copy-paste-detector. CPD find ...

Vendor: PMD
Pricing Model: Freeware

CodeNarc

CodeNarc analyzes Groovy code for defects, bad practices, inconsistencies, style issues and more. A flexible framework for rules, rulesets and custom rules means it's easy to configure CodeNarc to fit into your project.

Vendor: CodeNarc
Pricing Model: Freeware