Open Source Java Source Code Analysis Tools
Sort By:
Java Source Code Analysis Tools
View 5540 business solutionsBrowse free open source Java Source Code Analysis Tools and projects below. Use the toggles on the left to filter open source Java Source Code Analysis Tools by OS, license, language, programming language, and project status.
-
Passwordless Authentication and Passwordless SecurityIt’s no secret — passwords can be a real headache, both for the people who use them and the people who manage them. Over time, we’ve created hundreds of passwords, it’s easy to lose track of them and they’re easily compromised. Fortunately, passwordless authentication is becoming a feasible reality for many businesses. Duo can help you get there.
-
Our Free Plans just got better! | Auth0 by OktaYou asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
Doxygen is a JavaDoc like documentation system for C++, C, Java and IDL.
-
2
PMD
A source code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Salesforce.com Apex, Java, JavaScript, XML, XSL. Additionally it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, PHP, Ruby, Fortran, JavaScript, Matlab, Swift. You can fork us on https://github.com/pmd -
3
Eclipse Checkstyle Plug-in
Integrates Checkstye into the Eclipse IDE
The Eclipse Checkstyle plug-in integrates the Checkstyle Java code auditor into the Eclipse IDE. The plug-in provides real-time feedback to the user about violations of rules that check for coding style and possible error prone code constructs. -
4
SonarQube
Continuous inspection
SonarQube empowers all developers to write cleaner and safer code. Thousands of automated Static Code Analysis rules, protecting your app on multiple fronts, and guiding your team. Catch tricky bugs to prevent undefined behavior from impacting end-users. Fix vulnerabilities that compromise your app, and learn AppSec along the way with Security Hotspots. Make sure your codebase is clean and maintainable, to increase developer velocity! We embrace progress - whether it's multi-language applications, teams composed of different backgrounds or a workflow that's a mix of modern and legacy, SonarQube has you covered. SonarQube fits with your existing tools and pro-actively raises a hand when the quality or security of your codebase is at risk. SonarQube can analyse branches of your repo, and notify you directly in your Pull Requests! -
Comprehensive Cybersecurity to Safeguard Your Organization | SOCRadarProtect your organization from cyber threats with SOCRadar’s cutting-edge threat intelligence. Gain 360° visibility into your digital assets, monitor the dark web, and stay ahead of hackers with real-time insights. Start for free and transform your cybersecurity today.
-
5
google-java-format
Reformats Java source code to comply with Google Java Style
google-java-format is a program that reformats Java source code to comply with Google Java Style. The formatter can act on whole files, on limited lines, on specific offsets, passing through to standard-out (default) or altered in-place. There is no configurability as to the formatter's algorithm for formatting. This is a deliberate design decision to unify our code formatting on a single format. The formatter can be used in software that generates java to output more legible java code. Just include the library in your maven/gradle/etc. configuration. A google-java-format IntelliJ plugin is available from the plugin repository. To install it, go to your IDE's settings and select the Plugins category. Click the Marketplace tab, search for the google-java-format plugin, and click the Install button. -
6
UCDetector
Eclipse Plugin to find unused Java code
UCDetector (Unnecessary Code Detector) is a Open Source Eclipse Plugin Tool. UCDetector finds unnecessary (dead) public Java code. It suggests to make code final, protected or private. -
7
A drop-in replacement for the src.zip shipped with Oracle Java 7, that contains sources to all Java classes that are shipped or generated by the OpenJDK project (the official src.zip only covers public classes), plus tools to generate it.
-
8
Source Navigator NG is a source code analysis tool. With it, you can edit your source code, display relationships between classes and functions and members, and display call trees. You can navigate your source code and easily get to declarations or implementations of functions, variables and macros (commonly called "symbols") which helps you discovering and mapping unknown source code for enhancement or maintenance tasks.
-
9
Joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript
Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis. -
Red Hat Enterprise Linux on Microsoft AzureRed Hat Enterprise Linux (RHEL) on Microsoft Azure provides a secure, reliable, and flexible foundation for your cloud infrastructure. Red Hat Enterprise Linux on Microsoft Azure is ideal for enterprises seeking to enhance their cloud environment with seamless integration, consistent performance, and comprehensive support.
-
10
OpenRewrite
Automated mass refactoring of source code
The OpenRewrite project is a mass source code refactoring ecosystem. Reduce 1000s of hours of static code analysis fixes to minutes. Turn a four-month migration project into four hours of work. Patch security vulnerabilities across 100s of repositories at once. OpenRewrite automates code refactoring and remediation tasks for you, enabling developers to deliver more business value. OpenRewrite's refactoring engine and recipes will always be open-source. Build tool plugins like OpenRewrite Gradle Plugin and OpenRewrite Maven Plugin help you run these recipes on one repository at a time. Moderne is a complementary product that executes OpenRewrite recipes at scale on hundreds of millions of lines of code and enables mass-committing of results. Moderne freely runs a public service for the benefit of thousands of open-source projects. -
11
pmd
An extensible multilanguage static code analyzer
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, and XSL. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex, and Visualforce. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, Modelica, PLSQL, Apache Velocity, XML, XSL, and Scala. Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in C/C++, C#, Dart, Fortran, Go, Groovy, Java, JavaScript, JSP, Kotlin, Lua, Matlab, Modelica, Objective-C, Perl, PHP, PLSQL, Python, Ruby, Salesforce.com Apex, Scala, Swift, Visualforce and XML. -
12
Halstead Metrics Tool
Software Metrics Analyzer for C,C++,Java Programs
Some software measures are still not widely used in industry, despite the fact that they were defined many years ago, and some additional insights might be gained by revisiting them today with the benefit of recent lessons learned about how to analyze their design. This project analyzes the design and definitions of Halstead’s metrics, the set of which is commonly referred to as ‘software science’. This analysis is based on a measurement analysis framework defined to structure, compare, analyze and provide an understanding of the various measurement approaches presented in the software engineering measurement literature. -
13
This project has moved to GitHub ! The version here at SourceForge will remain for historic purpose. Koopa is a parser generator, made for COBOL. It can handle source files in isolation (no preprocessing required) and doesn't mind the presence of CICS/SQL fragments. The grammar is easily extensible in a way which minimizes the impact on the overall code.
-
14
Web Application Protection
Tool to detect and correct vulnerabilities in PHP web applications
WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. The output of the tool is: - shows the vulnerabilities found and how they are corrected - new files with the corrections -
15
SourceSquare
The free open source scanning engine
SourceSquare is a free open source scanning solution, based on Antepedia, the world's largest open source knwoledge base, including more than 1,000,000 open source projects from the main forges. SourceSquare is a free (as in free beer) and free (as in free speech, licensed under GNU Affero Public Licence V3) product, which scans a folder on your hard drive and displays a treemap that shows which part of your source code is open source. -
16
Provide metrics calculation and dependency analyzer plugin for the Eclipse platform. Measure metrics with avg and std deviation and detect cycles in package and type dependencies. Continuation of work from http://sourceforge.net/projects/metrics.
-
17
Recognizes typical patterns in Java code which could be replaced with functions provided by open source libraries http://www.jnorm.org
-
18
lockviz
Visualization of Java thread dumps
This tool allows the user to load, visualize and analyse Java thread dumps that are generated by Visual VM. Please see the Wiki for a Quick Start guide and tutorials. -
19
Another Open Source Code Analysis Tool
-
20
Eclipse Plug-In that determines the Minimal Access Modifier of Java types and methods project and computes the software metrics Inappropriate Generosity with Accessibility of Types (IGAT) and Inappropriate Generosity with Accessibility of Methods (IGAM). The Minimal Access Modifier of a Java type or type member is the most restrictive access modifier that is able to allow all actual usages of the particular type or member from inside a given code base (normally the entire source code of the respective Java project). The metric Inappropriate Generosity with Accessibility of Types (IGAT) indicates the proportion of those types which actual access modifier is more generous than the minimal one relative to the total number of types in a given source code subset. Analog the metric Inappropriate Generosity with Accessibility of Method (IGAM) indicates the proportion of those methods which actual access modifier is more generous than the minimal one relative to the total number of me
-
21
Android Scents for Maven
Android Scents for animal-sniffer-maven-plugin
If you want to verify your Maven project (library) can also work in Android, you can use animal-sniffer-maven-plugin to check the API against the desired API level. Android Scents will be pushed to Maven Central in groupid "net.sf.androidscents.signature". -
22
The "Architecture Visualizator" parses source code and analyze the object oriented structure as well as the control flow and logic aspects. After that it visualize the results for example as graphviz file.
-
23
BPUtils
Sterling Integrator BP utilities
BPUtils is a Sterling Integrator BP file manipulation program. It features : - XPath expressions control : BPUtils checks that the XPath expressions defined in the BP file are correct - Consistency control : Controls that the sequences and the on faults are named in a correct way - Auto layout formatting : Formats automatically your BP layouts ! - BP tree printing : BPUtils is able to print to the console standard output the BP tree - BP dependencies analysis : Get the list of service configurations used by the BP And, implements your own functionality by using the Java BPUtils library ! BP loading from : - single BP file - XML resource export file - Automatic BP check out from server -
24
Bluej LOC Counter
An extension for BlueJ that counts logical lines of code.
-
25
Bluprint is an Agile-MDA code generator. It is a fuss-free tool supporting code generation from UML modelling tools. It supports model/code merging so engineers can easily extend and maintain generated code. Bluprint has been developed using itself.
