Summary of static code analysis tools

Reprint: http://blog.csdn.net/testing_is_believing/article/details/6601494

Static code scan, borrow a section of the online text to explain (here is called static check): "Static testing, including code inspection, static structure analysis, code quality metrics." It can be carried out manually, give full play to people's logical thinking advantages, can also use software tools to automate. Code check code checks include code walking, desktop inspection, code review, mainly check the code and design consistency, code compliance with the standard, readability, the correctness of the logical expression of the code, the rationality of the code structure, and so on, can be found to violate the procedures of writing standards, the program is unsafe, ambiguous and vague parts, To find out the non portable part of the program, the problem of violating programming style, including variable checking, naming and type review, Program logic Review, program grammar checking and program structure checking. ”。

I saw a series of static code scanning or static code analysis tool, summed up the view of the tool: Static code scanning Tool, and the compiler some of the functions are very similar, they also need lexical analysis, grammar analysis, semantic analysis ... But unlike compilers, they can customize a variety of complex rules to analyze the code.

The static code-scanning tools listed below will vary greatly in functionality due to implementation methods, algorithms, and levels of analysis. Some can do SQL injection check, some can not (of course, because the time problem has not yet been studied, but to examine complex code security vulnerabilities, it requires a more advanced analysis algorithm, so some things should not set up the rules of the library can be checked, but in the security aspects of the check, To some extent, it can be checked by setting rules.

The following I collected online analysis tools, I sorted out the following picked some out, here is only part of the others can be seen on the reference link:

Tool Name	Static Scan language	Open Source/Pay	Manufacturers	Introduced	Home Page URL
ounec5.0	VB.net, C, C + +, and C #, Java is also supported.	Pay	Ounce Labs	\	http://www.ouncelabs.com/
Coverity Prevent	C/c++,c#,java	Pay	Coverity	There are other accessibility tools: 1.Coverity Thread Analyzer for Java 2.Coverity Software Readiness Manager for Java 3.Coverity Architecture Analyzer	Http://www.coverity.com/index.html
@stake smartrisk™ Analyzer	C/c++,java	Pay	Symantec Corporation	@stake Smartrisk™analyzer harnesses the power of Static analysis of binary executables (c, C + +, and Java) to Identify, categorize and prioritize security. Note: This product was not found in Symantec.	http://www.symantec.com/business/index.jsp
Rational Purify	C/c++,java	Pay	Ibm	Provides memory leak and memory corruption for windows,runtime?!	http://www-01.ibm.com/software/awdtools/purify/
PREfix	\	\	Microsoft	The static analysis tool used by Microsoft, but was not found to download at the moment, Now it seems to be considering the release!	\
Jtext	Java	Pay	Parasoft	At the same time there are other static analysis code products, such as: C++test ... For more information please check the website	http://www.parasoft.com/jsp/cn/support.jsp
Flawfinder	C + +	Open source	\	C, C + + program security audit tools written in Python, You can check for potential security risks.	http://www.dwheeler.com/flawfinder/
Static Code Analyzer	C/c++,c#,java	Pay	Fortify	\	http://www.fortify.com/
Klocwork Insight	C + +, Java	Pay	Klocwork	\	Http://www.klocwork.com/products/insight.asp
Polyspace Client/server	C + +, Ada language	Pay	MathWorks	\	http://www.mathworks.cn/
Rats	C + +, Python, Perl Tools for security audits of PHP code	Open source	\	\	http://www.fortify.com/security-resources/rats.jsp
lapse	Java	Open source	\	lapse stands for a lightweight analysis for Pro Gram Security in Eclipse. Lapse is designed to help with the task of auditing Java EE applications for common types of security Vulnerab Ilities found in WEB applications. Lapse is developed by Benjamin Livshits as part of the Griffin Software security Project.	Http://www.owasp.org/index.php/Category:OWASP_LAPSE_Project
Fluid	Java	Open source	\	We have explored properties including: * Race conditions and locking policies, * Unique references and other programmer-significant Aliasing Properties, * Effects, * Appropriate typing, * Realtime threading policies, and * single-threading policies.	Http://www.fluid.cs.cmu.edu:8080/Fluid
Splint	C	Open source	University of Virginia, Department of Computer Science	Static detection for C-language security tools and vulnerability detection.	http://www.splint.org/
Cqual	C + +	Open source	University of Maryland	Lightweight static scanners that run on Linux-like systems.	http://www.cs.umd.edu/~jfoster/cqual/
Mops	C	Open source	Berkeley University	Mops is a tool to finding security bugs in C programs And for verifying conformance to rules of defensive programming	http://www.cs.berkeley.edu/~daw/mops/
BOON	C	Open source	Berkeley University	BOON is a tool for automatically finding buffer overrun Vulnerabilities in C source code. Buffer overruns are one Of the most common types of security holes, and we hope That BOON would enable software developers and code auditors To improve the quality of security-critical programs.	http://www.cs.berkeley.edu/~daw/boon/
BLAST	C	Open source	The BLAST 2.0 Team	BLAST is a software model checker for C programs. The goal of BLAST is to able to check that software Satisfies behavioral properties of the interfaces it uses. BLAST uses Counterexample-driven automatic abstraction Refinement to construct a abstract model which is model Checked for safety properties. The abstraction is constructed On-the-fly, and only to the required precision.	http://mtc.epfl.ch/software-tools/blast/
Spikewamp	Php	Open source	\	For analyzing PHP Programs	Http://developer.spikesource.com/wiki/index.php/SpikeWAMP
Pixy	Php	Open source	\	Finding XSS and Sqli vulnerabilities	http://pixybox.seclab.tuwien.ac.at/pixy/
Mike	Java	Open source	\	Java source code security scanner built on the top of Orizon. They are connected to OWASP.	Http://milk.sourceforge.net/download.html
Smatch	C	Open source	\	\	http://smatch.sourceforge.net/
Oink	C++	Open source	\	C + + Static analysis Tools	Http://www.cubewano.org/oink
Frama-c	C	Open source	\	static analyzers for the C language.	http://frama-c.cea.fr/
Rtl-check	\	Open source	\	Rtl-check is a extensible and powerful abstract interpretation Framework for static analysis of the programs from a safety and Security perspective	http://rtlcheck.sourceforge.net/
Pmd	Java	Open source	\	PMD scans Java source code and looks for potential problems like: * Possible Bugs-empty try/catch/finally/ Switch statements * Dead code-unused Local variables, parameters and Private methods * suboptimal code-wasteful String/stringbuffer usage * overcomplicated Expressions-unnecessary IF statements, For loops that could is while loops * Duplicate code-copied/pasted code means copied/pasted bugs	http://pmd.sourceforge.net/
Findbugs	Java	Open source	University of Maryland	Uses static analysis to look for bugs in Java code. Note: Eclipse Plug-ins are available.	http://findbugs.sourceforge.net/
ITS4	C\c++	Open source	\	Cigital developed ITS4 to help automate source code Review for Security.	http://www.cigital.com/its4/
Qj-pro	Java	Open source	\	Qj-pro is a comprehensive software inspection tool targeted Towards the software developer. Qj-pro Checks: * Conformance to coding standards, * Misuse of the Java language, * Best Practice Conformence * Code Structure and * Potential bugs at the earliest stages of development. Note: Various IDE plug-ins are available.	http://qjpro.sourceforge.net/
Jint	Java	Open source	\	Jlint'll check your Java code and find bugs, inconsistencies and synchronization problems by doing data flow analysis and Building the lock graph.	http://artho.com/jlint/
Hammurapi	Java	Open source	\	Code review system captures coding best practices and delivers them to developers ' fingertips. It also generates consolidated Reports for leads developers, architects, and managers to Monitor codebase quality and evolution.	Http://www.hammurapi.biz/hammurapi-biz/ef/xmenu/hammurapi-group/index.html
Doctorj	Java	Open source	\	Among what it detects: * Misspelled words * Parameter and exception names: o Missing o misordered o misspelled * Javadoc Tags: o Invalid o misordered O Missing expected arguments o Invalid arguments O Missing Descriptions * Undocumented classes, methods, fields, Parameters	Http://www.incava.org/projects/java/doctorj/index.html
Dependency finder	Java	Open source	\	Dependency Finder is a suite of too LS for analyzing compiled Java code. At the core are a powerful dependency analysis application This extracts dependency graphs and mines for them L information. This application comes in many forms for your ease the use, including command-line Tools, a swing-based applicatio N, a Web application ready to is deployed in a application server, and a set of Ant tasks.	http://depfind.sourceforge.net/
Checkstyle	Java	Open source	\	Checkstyle is a development tool to help programmers Write Java code that adheres to a coding standard. It automates the process of checking Java code to spare Humans of this boring (but important) task. This makes It ideal for projects which want to enforce a coding standard. Note: A variety of IDE plug-ins are available.	http://checkstyle.sourceforge.net/
Classycle	Java	Open source	\	Classycle ' s analyser analyses the static class and package Dependencies in Java applications or libraries.	http://classycle.sourceforge.net/
JDepend	Java	Open source	\	JDepend traverses Java class file directories and generates Design quality metrics for each Java package. JDepend allows you to automatically measure the quality of a design in terms of its extensibility, reusability, and maintainability to manage package dependencies effectively.	Http://www.clarkware.com/software/JDepend.html
Jcsc	Java	Open source	\	JCSC is a powerful tool to check source code against a highly Definable coding standard and potential bad code.