7 Repos
Tools for inspecting, analyzing, and extracting data from web source code.
Explore 7 awesome GitHub repositories matching part of an awesome list · Source Code Analysis. Refine with filters or upvote what's useful.
CLI-Anything is a framework for converting software interfaces into standardized command-line tools that autonomous AI agents can discover and execute. It functions as a software interface generator that analyzes source code to transform application features into structured command groups and executable packages. The project provides a centralized registry and manager for discovering, installing, and updating command-line toolkits. It employs a specific metadata standard using markdown and YAML to provide agents with the usage examples and documentation necessary to call commands. The system
Analyzes source code to automatically generate structured command-line interface definitions.
gosec is a static analysis security tool designed to scan Go source code for vulnerabilities and common coding flaws. It functions as a security analyzer that inspects the abstract syntax tree to identify insecure function calls, API usage, and potential security risks. The tool distinguishes itself by mapping detected vulnerabilities to Common Weakness Enumeration identifiers for standardized reporting and integrating with external AI models to suggest code fixes for identified issues. Its capabilities cover the detection of injection vulnerabilities, hardcoded credentials, weak cryptograph
Inspects the abstract syntax tree to identify risky function calls and security flaws.
axe-core is an automated accessibility testing engine and compliance auditor designed to scan web and mobile interfaces for violations of industry accessibility standards. It functions as a programmatic scanner and linter that analyzes HTML and source code to identify barriers and verify compliance with accessibility guidelines. The project distinguishes itself by combining a DOM-based rule engine with computer vision and machine learning to detect complex violations that evade traditional analysis, such as visual heading discrepancies and informative images. It provides specialized capabilit
Performs static analysis on source code to identify accessibility barriers before the code is compiled.
JavaParser is a library that parses Java source code up to version 12 into an Abstract Syntax Tree (AST), enabling programmatic analysis, transformation, and generation of Java code. It serves as a parser, code analyzer, code generator, comment parser, and symbol resolver, providing a unified toolkit for working with Java source at the AST level. The library distinguishes itself through several integrated capabilities that go beyond basic parsing. It includes a symbol resolution engine that resolves type and symbol references across files for accurate semantic analysis, and an error-recovery
Traverses parsed Java source code to find patterns of interest, such as specific field declarations or class structures.
LinkFinder is a security reconnaissance and static analysis tool designed for JavaScript endpoint discovery. It extracts absolute and relative URLs and parameters from JavaScript files to map the attack surface of web applications and identify hidden API routes. The tool operates through static code analysis and regular expression pattern matching to find endpoints without executing the source code. It includes a data processor for importing exported files from Burp Suite, enabling the batch analysis of multiple JavaScript assets in a single execution. The system provides capabilities for do
Discovering endpoints and parameters in JavaScript files.
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
Extracting sensitive data and tokens from JavaScript files.
OSINT dating tool for web pages
Determining content publication dates via HTTP headers.