Code Analysis

Tools of static analysis, linters and code quality checkers

Newest releases

knight0x07 A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

dorkerdevil rpckiller This script checks for any possible SSRF dns/http interactions in xmlrpc.php pingback feature and with that you can further try to escalate

isidentical Simple, hassle-free, dependency-free, AST based source code refactoring toolkit.

ant4g0nist Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM

agrawalsmart7 The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

pyrustic Dress up your code with a beautiful graphical user interface !

PyCQA A simple program which checks Python source files for errors

returntocorp Semgrep is a fast, open-source, static analysis tool that excels at expressing code standards — without complicated queries — and surfacing bugs early at editor, commit, and CI time. Precise rules look like the code you’re searchi

plasma-umass Scalene is a high-performance CPU and memory profiler for Python that does a number of things that other Python profilers do not and cannot do. It runs orders of magnitude faster than other profilers while delivering far more deta

microsoft Pyright is a fast type checker meant for large Python source bases. It can run in a “watch” mode and performs fast incremental updates when files are modified.

ajinabraham Static security code scanner (SAST) for Node.js applications powered by njsscan and semgrep.

pschanely CrossHair A static analysis tool for Python that blurs the line between testing and type systems. THE LATEST NEWS: Now you can try out CrossHair in your browser at! If you have functions w

bridgecrewio Checkov Table of contents Description Features Screenshots Getting Started Support Description Checkov is a static code analysis tool for infrastructure-as-code. It scans clou

dnanhkhoa A simple extension for Jupyter Notebook and Jupyter Lab to beautify Python code automatically using black.

zedr clean-code-python Table of Contents Introduction Variables Functions Objects and Data Structures Classes S: Single Responsibility Principle (SRP) O: Open/Closed Principl

Microsoft Static type checker for Python Speed Pyright is a fast type checker meant for large Python source bases. It can run in a “watch” mode and performs fast incremental updates when files are modified.

rocky uncompyle6 A native Python cross-version decompiler and fragment decompiler. The successor to decompyle, uncompyle, and uncompyle2. Introduction uncompyle6 translates Python bytecode back into

Neo23x0 Fnord Fnord is a pattern extractor for obfuscated code Description Fnord has two main functions: Extract byte sequences and create some statistics Use these statistics, combine length, number of occu

nccgroup ___ ___ / | \ ____ __ __ ______ ____ / ~ \/ _ \| | \/ ___// __ \ \ Y ( <_> ) | /\___ \ ___/ \___|_ / \____/|____

facebook Pyre Pyre is a performant type checker for python. Getting Started To install Pyre on your system run pip install pyre-check and you should be good to go! Run it on your project with pyre --source-d

airbus-seclab Introduction What is BinCAT? BinCAT is a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA or using Python for automation. It features: value analysis (registers

davidhalter Jedi - an awesome autocompletion/static analysis library for Python If you have specific questions, please add an issue or ask on stackoverflow with the label python-jedi. Jedi is a static analysis tool for Python

lmacken pyrasite-gui A graphical interface for Pyrasite that lets you easily monitor, analyze, introspect, and alter running Python programs. documentation: requirements: htt

bdarnell Plop: Python Low-Overhead Profiler Plop is a stack-sampling profiler for Python. Profile collection can be turned on and off in a live process with minimal performance impact. Plop is currently a work in progress and p

ramonsaraiva timy Minimalist measurement of python code time timy comes with a different idea of the built-in module timeit. It adds flexibility and different ways of measuring code time, using simple context managers an

mihneadb python-execution-trace Trace the local context of a Python function's execution. You can step through any function's execution, viewing the values of all local variables at every step. All this by just adding a deco

gak Python Call Graph Welcome! Python Call Graph is a Python module that creates call graph visualizations for Python applications. Screenshots Click on the images below to see a larger version and

scottrogowski Notes from 2017 This is an older project which I am no longer working on. It was built before ES6 existed and before Python 3 had much usage. While it was always experimental and will probably still give you insights

PyCQA pycodestyle (formerly called pep8) - Python style guide checker pycodestyle is a tool to check your Python code against some of the style conventions in PEP 8. Note This package used to be called pep8 b

PyCQA prospector About Prospector is a tool to analyse Python code and output information about errors, potential problems, convention violations and complexity. It brings together the functionality o

tweekmonster Moult Moult is a utility that can assist you in finding packages that may not be in use any more. It was created to help me clean up a project's requirements.txt file after a major overhaul. It's far from perfect, but

caioariede pyq A command-line tool to search for Python code using jQuery-like selectors Installation pip install pyqtool Notice: As the tool is still under heavy development, you may see that some features are not