7 repositorios
Tools for inspecting, analyzing, and extracting data from web source code.
Explore 7 awesome GitHub repositories matching part of an awesome list · Source Code Analysis. Refine with filters or upvote what's useful.
CLI-Anything is a framework for converting software interfaces into standardized command-line tools that autonomous AI agents can discover and execute. It functions as a software interface generator that analyzes source code to transform application features into structured command groups and executable packages. The project provides a centralized registry and manager for discovering, installing, and updating command-line toolkits. It employs a specific metadata standard using markdown and YAML to provide agents with the usage examples and documentation necessary to call commands. The system
Analyzes source code to automatically generate structured command-line interface definitions.
gosec is a static analysis security tool designed to scan Go source code for vulnerabilities and common coding flaws. It functions as a security analyzer that inspects the abstract syntax tree to identify insecure function calls, API usage, and potential security risks. The tool distinguishes itself by mapping detected vulnerabilities to Common Weakness Enumeration identifiers for standardized reporting and integrating with external AI models to suggest code fixes for identified issues. Its capabilities cover the detection of injection vulnerabilities, hardcoded credentials, weak cryptograph
Inspects the abstract syntax tree to identify risky function calls and security flaws.
axe-core is an automated accessibility testing engine and compliance auditor designed to scan web and mobile interfaces for violations of industry accessibility standards. It functions as a programmatic scanner and linter that analyzes HTML and source code to identify barriers and verify compliance with accessibility guidelines. The project distinguishes itself by combining a DOM-based rule engine with computer vision and machine learning to detect complex violations that evade traditional analysis, such as visual heading discrepancies and informative images. It provides specialized capabilit
Performs static analysis on source code to identify accessibility barriers before the code is compiled.
JavaParser is a library that parses Java source code up to version 12 into an Abstract Syntax Tree (AST), enabling programmatic analysis, transformation, and generation of Java code. It serves as a parser, code analyzer, code generator, comment parser, and symbol resolver, providing a unified toolkit for working with Java source at the AST level. The library distinguishes itself through several integrated capabilities that go beyond basic parsing. It includes a symbol resolution engine that resolves type and symbol references across files for accurate semantic analysis, and an error-recovery
Traverses parsed Java source code to find patterns of interest, such as specific field declarations or class structures.
LinkFinder es una herramienta de reconocimiento de seguridad y análisis estático diseñada para el descubrimiento de endpoints en JavaScript. Extrae URLs absolutas y relativas y parámetros de archivos JavaScript para mapear la superficie de ataque de aplicaciones web e identificar rutas de API ocultas. La herramienta opera a través de análisis de código estático y coincidencia de patrones de expresiones regulares para encontrar endpoints sin ejecutar el código fuente. Incluye un procesador de datos para importar archivos exportados desde Burp Suite, permitiendo el análisis por lotes de múltiples activos JavaScript en una sola ejecución. El sistema proporciona capacidades para el análisis a nivel de dominio y filtrado específico de dominio para enfocar el descubrimiento en objetivos específicos. También cuenta con notificaciones de detección de palabras clave para alertar a los usuarios cuando cadenas específicas aparecen en los resultados, y soporta la exportación de datos descubiertos en formatos de texto plano o HTML.
Discovering endpoints and parameters in JavaScript files.
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
Extracting sensitive data and tokens from JavaScript files.
OSINT dating tool for web pages
Determining content publication dates via HTTP headers.