Software Alternatives & Reviews

TOP 40 Static Code Analysis Tools (Best Source Code Analysis Tools)

Recommended and mentioned products

  1. R


    This hasn't been added to SaaSHub yet

  2. Static code analysis tool for web application security

  3. PVS-Studio is a useful piece of software for detecting problems in source code. The software examines program codes written in C, C++, and C# for any problems that might prohibit the code from functioning properly.

    Errors and suspicious code fragments in .NET 6 sources about 23 days ago

    I checked the code with the PVS-Studio static analyzer. As you probably guessed from this article, PVS-Studio 7.16 supports the analysis of projects on .NET 6. You can read more about new enhancements of the current release here. The PVS-Studio C# analyzer for Linux and macOS now works on .NET 6 as well.
  4.  Learn how Kiuwan's Code Security (SAST) identifies and remediates cyber threats with a DevSecOps approach in a collaborative environment, with seamless integration in your SDLC.

  5. Peer Code Review

    Embold to integrate with Codesphere to bring advanced code... about 3 months ago

    We are happy to announce our collaboration with Embold!
  6. r


    This hasn't been added to SaaSHub yet

  7. ECS

    Empear Code Scene

    This hasn't been added to SaaSHub yet

  8. An all-in-one Static Code Analysis + SAST tool for PowerBuilder, Oracle and SQL Server

  9. Veracode provides cloud-based app intelligence and security verification services to protect critical data across software supply chains.

  10. Complete application security as a service (AppSec SaaS) solution with SAST, DAST, IAST, RASP, SCA (open source security), and developer security training.

  11. PSA

    Parasoft Static Analysis

    This hasn't been added to SaaSHub yet

  12. Find and fix defects in your Java, C/C++ or C# open source project for free

    I created this point of sale system for restaurants and... about 30 days ago:

    You can use Coverity for free on open source code. I use it on an app I open sourced for packet processing.
  13. Record, edit, publish, and host your podcast

    How to Record a Podcast about 3 months ago

    We’ve been using Cast ( for over a year now. We’ve tried some other options like zencastr which I’m not a fan of and local recording which didn’t work that great due to the age of my cohosts computer. Cast works really well and allows a cheap option for hosting and editing too. Although I actually use Descript and Audition for editing.
  14. CodeSonar, produced by GrammaTech, is source and binary code analysis software that finds critical defects that can crash systems, result in unexpected operations, threaten security, and more.

  15. Combines a powerful Code Editor together with an impressive array of static analysis tools that will change the way you work with code.

    Discontinue Sourcetrail about 4 months ago

    Https:// can produce impact reports showing “changing X affects A, B and Y on the first level which in turn affects C, D, E, F and Z on the second level” and so on… Understand can answer similar questions and tries to perform flow analysis “through” function pointers as well.
  16. Code Compare is an advanced file and folder comparison tool. Its intuitive interface allows you to merge differing files and folders fast and easily! And it's FREE!

    freemium $69.95 / Annually

  17. The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C...

  18. CppDepend is used by developers to measure, understand and improve their C & C++ code quality.

  19. Klocwork is a static code analysis and SAST tool for C, C++, C#, Java, and JavaScript.

  20. Cppcheck is an analysis tool for C/C++ code. It detects the types of bugs that the compilers normally fail to detect. The goal is no false positives. CppCheckDownload cppcheck for free.

    Why can't compilers detect simple uninitialized variables? about about 1 month ago

    There are tools called lints (static analyzers) that detect such faults. Cppcheck or clang-analyzer are two of these. Cppcheck found it for me:.
  21. Perforce Helix QAC is a handy, reliable, and highly rated Static Code Analysis solution that aids you in the process of finding vulnerabilities and problems within your C/C++ code.

  22. G


    This hasn't been added to SaaSHub yet

  23. MPB

    Mathworks Polyspace Bug Finder

    This hasn't been added to SaaSHub yet

  24. S


    This hasn't been added to SaaSHub yet

  25. CQA


    This hasn't been added to SaaSHub yet

  26. JArchitect is used by developers to measure, understand and improve their Java code quality.

  27. OCL

    This hasn't been added to SaaSHub yet

  28. "Watchtower monitors your competition's websites and alerts you to important changes instantly."

  29. OWA

    OWASP Code Crawler

    This hasn't been added to SaaSHub yet

  30. OWA

    OWASP Orizon

    This hasn't been added to SaaSHub yet

  31. GPC

    Gimpel PC-lint

    This hasn't been added to SaaSHub yet

  32. IBM

    IBM Rational Software Analyzer

    This hasn't been added to SaaSHub yet

  33. bSE

    bugSeng Eclair

    This hasn't been added to SaaSHub yet

  34. SonarQube is code review and management software. The software is developed by SonarSource, which was founded in 2008 by Freddy Mallet, Simon Brandhof and Olivier Gaudin. Read more about SonarQube.

  35. R


    This hasn't been added to SaaSHub yet

  36. A unofficial Framer for Web desktop app for Mac

  37. Semmle analytics platform that provides data-driven software engineering for visibility for every project, location, team and timeframe.

  38. PMD scans Java source code and looks for potential problems like:

  39. Findbugs is a tool that looks for bugs in Java code. Findbugs finds the bugs by analyzing computer software without actually executing programs. Using this software allows for easy debugging and repairing broken script. Read more about FindBugs.

    Scanning for flaws? about 2 months ago

    The tools generally depend on the programming language. You might be looking for something like a "linter" or static analyzer (i.e. FindBugs for Java).
  40. HCL Software Site

  41. David A. Wheeler's Page for Flawfinder

  42. Splint Home Page

    Why is this not giving any warning for returning address of... about 4 months ago

    Yeah, I used tool called Splint . Splint detected that problem.
  43. HFC

    Header Free Cyclomatic Complexity Analyzer

    This hasn't been added to SaaSHub yet

  44. C


    This hasn't been added to SaaSHub yet

  45. SLO


    This hasn't been added to SaaSHub yet

  46. New JSHint website. Anton Kovalyov Oct 1st, 2013. For the last couple of weeks I've been working on a new homepage for JSHint and today I'm proud to announce the new jshint. com! JSHint Website.

    Cyclomatic complexity: Why QAs (and Devs) should worry about it about 3 months ago

    And another 50 warnings, measured in JSHint. Some words were removed and/or modified to not identify the product and translated to English.
  47. DS


    This hasn't been added to SaaSHub yet