7 个仓库
Tools for inspecting, analyzing, and extracting data from web source code.
Explore 7 awesome GitHub repositories matching part of an awesome list · Source Code Analysis. Refine with filters or upvote what's useful.
CLI-Anything is a framework for converting software interfaces into standardized command-line tools that autonomous AI agents can discover and execute. It functions as a software interface generator that analyzes source code to transform application features into structured command groups and executable packages. The project provides a centralized registry and manager for discovering, installing, and updating command-line toolkits. It employs a specific metadata standard using markdown and YAML to provide agents with the usage examples and documentation necessary to call commands. The system
Analyzes source code to automatically generate structured command-line interface definitions.
gosec is a static analysis security tool designed to scan Go source code for vulnerabilities and common coding flaws. It functions as a security analyzer that inspects the abstract syntax tree to identify insecure function calls, API usage, and potential security risks. The tool distinguishes itself by mapping detected vulnerabilities to Common Weakness Enumeration identifiers for standardized reporting and integrating with external AI models to suggest code fixes for identified issues. Its capabilities cover the detection of injection vulnerabilities, hardcoded credentials, weak cryptograph
Inspects the abstract syntax tree to identify risky function calls and security flaws.
axe-core is an automated accessibility testing engine and compliance auditor designed to scan web and mobile interfaces for violations of industry accessibility standards. It functions as a programmatic scanner and linter that analyzes HTML and source code to identify barriers and verify compliance with accessibility guidelines. The project distinguishes itself by combining a DOM-based rule engine with computer vision and machine learning to detect complex violations that evade traditional analysis, such as visual heading discrepancies and informative images. It provides specialized capabilit
Performs static analysis on source code to identify accessibility barriers before the code is compiled.
JavaParser is a library that parses Java source code up to version 12 into an Abstract Syntax Tree (AST), enabling programmatic analysis, transformation, and generation of Java code. It serves as a parser, code analyzer, code generator, comment parser, and symbol resolver, providing a unified toolkit for working with Java source at the AST level. The library distinguishes itself through several integrated capabilities that go beyond basic parsing. It includes a symbol resolution engine that resolves type and symbol references across files for accurate semantic analysis, and an error-recovery
Traverses parsed Java source code to find patterns of interest, such as specific field declarations or class structures.
LinkFinder 是一个安全侦察和静态分析工具,专为 JavaScript 端点发现而设计。它从 JavaScript 文件中提取绝对和相对 URL 及参数,以映射 Web 应用程序的攻击面并识别隐藏的 API 路由。 该工具通过静态代码分析和正则表达式模式匹配来运行,无需执行源代码即可查找端点。它包括一个用于导入 Burp Suite 导出文件的数据处理器,从而能够在单次执行中对多个 JavaScript 资源进行批量分析。 该系统提供针对全域分析和特定域过滤的能力,以将发现重点放在目标上。它还具有关键字检测通知功能,可在结果中出现特定字符串时提醒用户,并支持将发现的数据导出为纯文本或 HTML 格式。
Discovering endpoints and parameters in JavaScript files.
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
Extracting sensitive data and tokens from JavaScript files.
OSINT dating tool for web pages
Determining content publication dates via HTTP headers.