static-analysis | curated list of static analysis | Code Analyzer library

angr — Binary code analysis tool that also supports symbolic execution.
binbloom — Analyzes a raw binary firmware and determines features like endianness or the loading address. The tool is compatible with all architectures. Loading address: binbloom can parse a raw binary firmware and determine its loading address. Endianness: binbloom can use heuristics to determine the endianness of a firmware. UDS Database: binbloom can parse a raw binary firmware and check if it contains an array containing UDS command IDs.
BinSkim — A binary static analysis tool that provides security and correctness results for Windows portable executables.
Black Duck :copyright: — Tool to analyze source code and binaries for reusable code, necessary licenses and potential security aspects.
bloaty — Ever wondered what's making your binary big? Bloaty McBloatface will show you a size profile of the binary so you can understand what's taking up space inside. Bloaty performs a deep analysis of the binary. Using custom ELF, DWARF, and Mach-O parsers, Bloaty aims to accurately attribute every byte of the binary to the symbol or compileunit that produced it. It will even disassemble the binary looking for references to anonymous data. F
cargo-bloat — Find out what takes most of the space in your executable. supports ELF (Linux, BSD), Mach-O (macOS) and PE (Windows) binaries.
cwe_checker — cwe_checker finds vulnerable patterns in binary executables.
Ghidra — A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission
IDA Free :copyright: — Binary code analysis tool.
Jakstab — Jakstab is an Abstract Interpretation-based, integrated disassembly and static analysis framework for designing analyses on executables and recovering reliable control flow graphs.
JEB Decompiler :copyright: — Decompile and debug binary code. Break down and analyze document files. Android Dalvik, MIPS, ARM, Intel x86, Java, WebAssembly & Ethereum Decompilers.
Manalyze — A static analyzer, which checks portable executables for malicious content.
mcsema — Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode. It translates ("lifts") executable binaries from native machine code to LLVM bitcode, which is very useful for performing program analysis methods.
Nauz File Detector — Static Linker/Compiler/Tool detector for Windows, Linux and MacOS.
Twiggy — Analyzes a binary's call graph to profile code size. The goal is to slim down wasm binary size.
VMware chap — chap analyzes un-instrumented ELF core files for leaks, memory growth, and corruption. It is sufficiently reliable that it can be used in automation to catch leaks before they are committed. As an interactive tool, it helps explain memory growth, can identify some forms of corruption, and supplements a debugger by giving the status of various memory locations.
zydis — Fast and lightweight x86/x86-64 disassembler library
checkmake — Linter / Analyzer for Makefiles.
portlint — A verifier for FreeBSD and DragonFlyBSD port directories.