code-audit.md

opensource-code-audit

A collection of open source code auditing tools

Collections

Lists maintained by 3rd-party

• exakat/php-static-analysis-tools - A reviewed list of useful PHP static analysis tools

Signature database

• pwnsdx/BadCode - a signature database for static source code scanner that identify bad security practices.
• wireghoul/graudit - Grep rough audit - source code auditing tool
• frizb/SourceCodeSniffer - The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions

Detection of known vulnerability

• RetireJS - Scanner detecting the use of JavaScript libraries with known vulnerabilities
• snyk.io - helps you use open source and stay secure
• nodesecurity.io - Continuous Security monitoring for your node apps
• OWASP Dependency Check - a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities
  • 【知识库】Dependency-check依赖检查工具

All-in-one suite

• FeeiCN/cobra - Source Code Security Audit (源代码安全审计)
• SonarSource - Continuous Code Quality

Browser extension

• elevenpaths/neto - Neto | A tool to analyse browser extensions

C++

• vusec/typesan - TypeSan checks casts in C++ code - code released for CCS 2016
• secure-software-engineering/phasar - A LLVM-based static analysis framework. https://phasar.org
• GoSSIP-SJTU/TripleDoggy - 基于clang static analyzer的源码漏洞检测插件

Javascript

• dpnishant/jsprime - a javascript static security analysis tool

Firmware

• PreOS-Security/fwaudit - Platform Firmware Auditing Tool
• firmadyne/firmadyne - System for emulation and dynamic analysis of Linux-based firmware

Ruby

• thesp0nge/dawnscanner - a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks
• presidentbeef/brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications

Git tool

• awslabs/git-secrets - Prevents you from committing secrets and credentials into git repositories

Linux kernel

• xairy/linux-kernel-exploitation - A bunch of links related to Linux kernel exploitation

Golang

• securego/gosec - Golang security checker

NodeJS

• ajinabraham/NodeJsScan - NodeJsScan is a static security code scanner for Node.js applications

DotNet

• pumasecurity/puma-scan - the leading software security Visual Studio analyzer extension. Built on top of Roslyn, the open-source .NET Compiler Platform, Puma Scan provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, ...

Java

• fergarrui/custom-bytecode-analyzer - Java bytecode analyzer customizable via JSON rule
• GrrrDog/Java-Deserialization-Cheat-Sheet - The cheat sheet about Java Deserialization vulnerabilities

Python

• python-security/pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
• PyCQA/bandit - a tool designed to find common security issues in Python code

PHP

• Qihoo360/phptrace - A tracing and troubleshooting tool for PHP scripts
• fate0/prvd - PHP Runtime Vulnerability Detection
• laruence/taint - Taint is a PHP extension, used for detecting XSS codes - 污点检测，只做了GPC
• fate0/prvd - PHP Runtime Vulnerability Detection

Android

• vincentcox/StaCoAn - a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications

Uncategorized

• nccgroup/sobelow - Security-focused static analysis for the Phoenix Framework

Testcases

• bowu678/php_bugs - PHP代码审计分段讲解
• jiangsir404/Audit-Learning - 记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获