Search results
Results from the WOW.Com Content Network
The Web Application Security Consortium's Static Code Analysis Tool List; SAMATE-Source Code Security Analyzers; SATE – Static Analysis Tool Exposition "A Comparison of Bug Finding Tools for Java", by Nick Rutar, Christian Almazan, and Jeff Foster, University of Maryland. Compares Bandera, ESC/Java 2, FindBugs, JLint, and PMD.
List of tools for static code analysis..NET Reflector; A. AbsInt; Astrée (static analysis) Automated code review; B. ... ESC/Java; ESLint; Extended static checking ...
FindBugs is an open-source static code analyser created by Bill Pugh and David Hovemeyer which detects possible bugs in Java programs. [2] [3] Potential errors are classified in four ranks: (i) scariest, (ii) scary, (iii) troubling and (iv) of concern. This is a hint to the developer about their possible impact or severity. [4]
PMD is an open source static source code analyzer that reports on issues found within application code. PMD includes built-in rule sets and supports the ability to write custom rules. PMD includes built-in rule sets and supports the ability to write custom rules.
Jtest is an automated Java software testing and static analysis product developed by Parasoft. The product includes technology for data-flow analysis, unit test-case generation and execution, static analysis, and more. [1] Jtest is used by companies such as Cisco Systems and TransCore.
In static program analysis, Soot is a bytecode manipulation and optimization framework consisting of intermediate languages for Java. It has been developed by the Sable Research Group at McGill University. Soot is currently maintained by the Secure Software Engineering Group at Paderborn University. [1]
A growing commercial use of static analysis is in the verification of properties of software used in safety-critical computer systems and locating potentially vulnerable code. [5] For example, the following industries have identified the use of static code analysis as a means of improving the quality of increasingly sophisticated and complex ...
The runtime overhead of added instrumentation is small (5–20%) and the bytecode instrumentor itself is very fast (mostly limited by file I/O speed). Memory overhead is a few hundred bytes per Java class. EMMA is 100% pure Java, has no external library dependencies, and works in any Java 2 JVM (even 1.2.x).