This repository lists dynamic analysis tools for all programming languages, build tools, config files and more. The focus is on tools which improve code quality such as linters and formatters. The official website, analysis-tools.dev is based on this repository and adds rankings, user comments, and additional resources like videos for each tool.
This project would not be possible without the generous support of our sponsors.
If you also want to support this project, head over to our Github sponsors page.
Pull requests are very welcome!
Also check out the sister project, awesome-static-analysis.
Microsoft IntelliTest — Generate a candidate suite of tests for your .NET code.
Pex and Moles — Pex automatically generates test suites with high code coverage using automated white box analysis.
CHAP — Analyzes un-instrumented ELF core files for leaks, memory growth, and corruption. It helps explain memory growth, can identify some forms of corruption, and supplements a debugger by giving the status of various memory locations.
KLEE — Symbolic virtual machine built on top of the LLVM compiler infrastructure.
LDRA ©️ — A tool suite including dynamic analysis and test to various standards can ensure test coverage to 100% op-code, branch & decsion coverage.
Valgrind — An instrumentation framework for building dynamic analysis tools.
CHAP — Analyzes un-instrumented ELF core files for leaks, memory growth, and corruption. It helps explain memory growth, can identify some forms of corruption, and supplements a debugger by giving the status of various memory locations.
KLEE — Symbolic virtual machine built on top of the LLVM compiler infrastructure.
LDRA ©️ — A tool suite including dynamic analysis and test to various standards can ensure test coverage to 100% op-code, branch & decsion coverage.
Valgrind — An instrumentation framework for building dynamic analysis tools.
Java PathFinder — An extensible software model checking framework for Java bytecode programs.
Parasoft Jtest ©️ — Jtest is an automated Java software testing and static analysis product that is made by Parasoft. The product includes technology for Data-flow analysis Unit test-case generation and execution, static analysis, regression testing, code coverage, and runtime error detection.
Iroh.js — A dynamic code analysis tool for JavaScript. Iroh allows to record your code flow in realtime, intercept runtime informations and manipulate program behaviour on the fly.
Jalangi2 — Jalangi2 is a popular framework for writing dynamic analyses for JavaScript.
CrossHair — Symbolic execution engine for testing Python contracts.
DynaPyt — DynaPyt is a framework for writing dynamic analyses for Python. The analyses can also modify runtime values to alter the execution.
icontract — Design-by-contract library supporting behavioral subtyping There is also a wider tooling around the icontract library such as a linter (pyicontract-lint) and a plug-in for Sphinx (sphinx-icontract).
Scalene — A high-performance, high-precision CPU and memory profiler for Python
typo — Runtime Type Checking for Python 3.
get_unchecked in slices performs bounds checks * copy, copy_nonoverlapping, and write_bytes check that pointers are aligned and non-null and (if applicable) non-overlapping {NonNull,NonZero*,...}::new_unchecked check that the value is valid * plenty of internal consistency checks in the collection types * mem::zeroed and the deprecated mem::uninitialized panic if the type does not allow that kind of initializationhyperfine — A command-line benchmarking tool It features statistical analysis across multiple runs, support for arbitrary shell commands, constant feedback about the benchmark progress and current estimates, warmup runs, a simple and expressive syntax, and more.
loom — Concurrency permutation testing tool for Rust. It runs a test many times, permuting the possible concurrent executions of that test.
MIRI — An interpreter for Rust's mid-level intermediate representation, which can detect certain classes of undefined behavior like out-of-bounds memory accesses and use-after-free.
puffin — Instrumentation profiler for Rust.
rust-san — How-to sanitize your Rust code with built-in Rust dynamic analyzers
stuck — provides a visualization for quickly identifying common bottlenecks in running, asynchronous, and concurrent applications.
perf_event_open functionality to compare the performance of multiple commands with a colorful terminal user interface. It is similar to hyperfine.allocscope — allocscope is a tool for tracking down where the most egregiously large allocations are occurring in a C, C++ or Rust codebase. It is particularly intendend to be useful for developers who want to get a handle on excessive allocations and are working in a large codebase with multiple contributors with allocations occuring in many modules or libraries.
bytehound — A memory profiler for Linux. Can be used to analyze memory leaks, see where exactly the memory is being consumed, identify temporary allocations and investigate excessive memory fragmentation.
CASR — Crash Analysis and Severity Report.
Code Pulse — Code Pulse is a free real-time code coverage tool for penetration testing activities by OWASP and Code Dx (GitHub).
Sydr ©️ — Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle.
angr — Platform agnostic binary analysis framework from UCSB.
BOLT — Binary Optimization and Layout Tool - A linux command-line utility used for optimizing performance of binaries with profile guided permutation of linking to improve cache efficiency
Dr. Memory — Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors (Github).
DynamoRIO — Is a runtime code manipulation system that supports code transformations on any part of a program, while it executes.
llvm-propeller — Profile guided hot/cold function splitting to improve cache efficiency. An alternative to BOLT by Facebook
Pin Tools — A dynamic binary instrumentation tool and a platform for creating analysis tools.
TRITON — Dynamic Binary Analysis for x86 binaries.
AppScan Standard ©️ — HCL's AppScan is a dynamic application security testing suite (previously by IBM)
Enlightn — A static and dynamic analysis tool for Laravel applications that provides recommendations to improve the performance, security and code reliability of Laravel apps. Contains 120 automated checks.
WhiteHat Sentinel Dynamic ©️ — Part of the WhiteHat Application Security Platform. Dynamic application security scanner that covers the OWASP Top 10.
To the extent possible under law, Matthias Endler has waived all copyright and related or neighboring rights to this work. The underlying source code used to format and display that content is licensed under the MIT license.
Title image Designed by Freepik.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4