Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs.
A source code analyzer
Doxygen is a JavaDoc like documentation system for C++, C, Java and IDL.
Static source code analysis tool for C and C++ code
Static analysis of C/C++ code. Checks for: memory leaks, mismatching allocation-deallocation, buffer overrun, and many more. The goal is 0% false positives. See http://cppcheck.sourceforge.net for more information.
Source Navigator NG is a source code analysis tool. With it, you can edit your source code, display relationships between classes and functions and members, and display call trees. You can navigate your source code and easily get to declarations or implementations of functions, variables and macros (commonly called "symbols") which helps you discovering and mapping unknown source code for enhancement or maintenance tasks.
A general purpose source code indexer and cross-referencer that provides web-based browsing of source code with links to the definition and usage of any identifier. Supports multiple languages. Up-to-date information in http://lxr.sourceforge.net
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. The output of the tool is: - shows the vulnerabilities found and how they are corrected - new files with the corrections
Eclipse Plugin to find unused Java code
UCDetector (Unnecessary Code Detector) is a Open Source Eclipse Plugin Tool. UCDetector finds unnecessary (dead) public Java code. It suggests to make code final, protected or private.
"The C preprocessor chainsaw"
Coan is a software engineering tool for analysing preprocessor-based configurations of C or C++ source code. Its principal use is to simplify a body of source code by eliminating any parts that are redundant with respect to a specified configuration.
Performs basic checks on shell scripts for the presence of non portable syntax.
Diff-ext is an extension for filemanagers such as Windows Explorer and Nautilus that allows to launch diff/merge tools on selected files.
Ada source code controller
A tool that detects the use of many constructs in Ada programs. Use it to control style or programming rules, but also as a powerful tool to search for use (or non-use) of various forms of programming styles or design patterns.
This tool helps you to reverse engineer UML Sequence Diagram for your java program at runtime. It works well with both complex java programs (that have multiple threads) and J2EE applications deployed on Application Servers.
QtCreator plugin for some command line tools over a Qt (.pro) project.
qpt (Qt Project Tool) understands Qt C++ projects (.pro) and allows to pass this information to command line tools as "Code Counters" and "Static Analysis tools". It also can used inside QtCreator to act as a plugin for "Static Analysis tools" putting reported issues into QtCreator issues pane.
Provide metrics calculation and dependency analyzer plugin for the Eclipse platform. Measure metrics with avg and std deviation and detect cycles in package and type dependencies. Continuation of work from http://sourceforge.net/projects/metrics.
A very powerful java bytecode viewer and decompiler which makes use of the javassist open source library.
Linter plugin for Notepad++
A Notepad++ plugin that allows realtime code check against any checkstyle-compatible linter: jshint, eslint, jscs, phpcs, csslint and many others.
Command line tool for counting source code lines
cline is a command line tool that counts code lines in your project folder. It is designed to recursively find any source file matching specific rules and count the line breaks within that file. You may specify file suffixes to include or exclude as well as regular expressions for code lines that shall be excluded (e.g. to exclude comments). By default a heuristic algorithm skips binary files. You may configure the restrictiveness of this algorithm with command line options.
Makes a C function call tree as Graphviz DOT file from CScope output.
The purpose of the project is generating a function call tree for a software application written in C. This utility takes as input an uncompressed CScope (http://cscope.sourceforge.net/) output file. With a few options, an output DOT language file can be generated. The DOT file may be used as input for Graphviz (http://www.graphviz.org/) to make an image of the function call tree (see screenshot examples for tceetree run over its sources). For more information, see the Wiki page.
Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.
Please go to the GitHub page for more information
A code-understanding tool based on cscope and ctags. Please go to the GitHub page for more information. Homepage: http://ruben2020.github.io/codequery GitHub: https://github.com/ruben2020/codequery
This project has moved to GitHub ! The version here at SourceForge will remain for historic purpose. Koopa is a parser generator, made for COBOL. It can handle source files in isolation (no preprocessing required) and doesn't mind the presence of CICS/SQL fragments. The grammar is easily extensible in a way which minimizes the impact on the overall code.
C and C++ control flow graph generator and analyzer
CoFlo generates Control-Flow Graphs from C and C++ source code. It can then output the graphs in a number of ways and perform various control flow analyses. NOTE: CoFlo has not been under active development for several years. At this time, I suggest you look into LLVM-based tooling to see if there is anything similar to CoFlo which will meet your needs.
Qt Creator Cppcheck integration plugin
Allows to use Cppcheck static analyzer tool in Qt Creator IDE. Sources can be obtained here: https://github.com/OneMoreGres/qtc-cppcheck IMPORTANT: plugin's version must match Qt Creator's version (difference in last digit is acceptable) Then plugin must be enabled in Help->Modules menu.