10.12. 审计工具¶

10.12.1. 通用¶

Cobra
Semmle QL
Sourcetrail free and open-source cross-platform source explorer
trivy A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
fortify
joern Open-source code analysis platform for C/C++/Java/Binary/Javascript based on code property graphs

10.12.2. PHP¶

RIPS
prvd
phpvulhunter
chip a simple tool to detect potential security threat in php code

10.12.3. Python¶

10.12.4. Java¶

find sec bugs
Gadget Inspector A byte code analyzer for finding deserialization gadget chains in Java applications

10.12.5. JavaScript¶

NodeJsScan

10.12.6. 供应链¶

Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components

10.12.7. 小程序¶

unveilr

Read the Docs v: latest

Versions: latest

Downloads: pdf; html; epub

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.