5 Repos
Analysis of code structure to identify race conditions and broken invariants that bypass standard tests.
Distinct from Security Testing and Auditing: Specializes general security auditing by focusing specifically on structural invariants and race conditions.
Explore 5 awesome GitHub repositories matching security & cryptography · Structural Code Audits. Refine with filters or upvote what's useful.
gstack is an AI agent framework and development workflow system designed to automate the software development lifecycle. It coordinates specialized AI personas to manage tasks across product design, engineering management, and quality assurance, transforming product intent into technical specifications and final releases. The project is distinguished by its deep integration of headless browser automation and semantic code memory. It utilizes a persistent Chromium daemon for web scraping and visual auditing, and implements a searchable knowledge base that logs architectural decisions and repos
Performs structural audits to identify complex race conditions and broken invariants that pass standard tests.
This project is a software engineering style guide and a curated collection of architectural patterns and coding standards. It provides a multi-language coding standard to ensure maintainable software across Ruby, Python, JavaScript, and Swift. The project establishes a development workflow specification for version control, continuous integration, and peer review to maintain a linear project history. It also includes a web accessibility framework based on ARIA and WCAG standards, using design tokens and semantic HTML patterns to build inclusive interfaces. The guides cover a broad range of
Provides a checklist for auditing database migrations to identify structural risks and SQL injection vulnerabilities.
CodeQL is a semantic code analysis engine and vulnerability scanning tool that treats source code as data. It utilizes a static analysis query language to define complex patterns and security vulnerabilities within a code graph database. The system represents source code as a relational database, enabling the execution of structural queries and data flow analysis. This approach allows for the detection of security flaws and coding errors across large-scale repositories. The tool provides capabilities for automated code auditing, static analysis security testing, and custom vulnerability dete
Performs automated audits of code structures to identify systemic flaws and security risks.
Checkstyle is a Java static analysis tool and linter designed to identify and enforce coding standards and best practices. It functions as a code quality auditor and Javadoc validation tool, checking source code against configurable rulesets to ensure structural and stylistic consistency. The project allows for the creation of custom linting rules by extending a core API to inspect the abstract syntax tree. It further enables specialized validation through the use of XPath expressions to query the syntax tree for specific code patterns and violations. Capability areas include the enforcement
Audits the semantic content and tag ordering within Javadoc comments to ensure high-quality API documentation.
Oclint is a static analysis engine and extensible linting framework designed for C, C++, and Objective-C source code. It functions as a code quality tool that identifies bugs, code smells, and structural complexities by parsing source code into abstract syntax trees to perform semantic inspection. The project is distinguished by its modular architecture, which supports dynamic plugin loading for custom inspection rules and a pluggable reporter system for exporting analysis findings in multiple formats. It replicates build configurations by reading compiler flags and include paths to ensure th
Deeply inspects structural complexity and semantic patterns to identify hidden vulnerabilities in source code.