一些可以用来做机器代码审查的工具列表

工具名称	语言	费用	描述	日期
ASTRÉE	C	联系	undefined code constructs or run-time errors, e.g., out-of-bounds array indexing or arithmetic overflow.	1 Mar 2007
BOON	C	免费	integer range analysis determines if an array can be indexed outside its bounds	15 Feb 2005
C Code Analyzer	C	免费	out-of-bounds array indexing or arithmetic overflow. aims for no false positives	20 Apr 2006
C++test	C++	Parasoft	“defects, poor constructs, potentially malicious code and other elements”	4 Apr 2006
.TEST	C#, VB.NET, MC++
Jtest	Java
WebKing	HTML
CodeAssure	C, C++, Java	Secure Software	unvalidated input, cryptographic problems, missed exceptions, etc.	2005
CodeCenter	C	CenterLine Systems	incorrect pointer values, illegal array indices, bad function arguments, type mismatches, and uninitialized variables	28 Oct 2005
CodeScan	.ASP PHP	CodeScan Labs	… security holes and source code issues …	10 Oct 2006
CodeSonar	C, C++	GrammaTech	null-pointer dereferences, divide-by-zeros, buffer over- and underruns	21 Mar 2005
CQual	C	免费	uses type qualifiers to perform a taint analysis, which detects format string vulnerabilities	15 Feb 2005
Csur	C	免费	cryptographic protocol-related vulnerabilities	10 Apr 2006
DevInspect	C#, Visual Basic, JavaScript, VB Script	SPI Dynamics	application vulnerabilities	21 Dec 2004
DevPartner SecurityChecker	C#, Visual Basic	Compuware	known and potential security vulnerabilities	10 Oct 2006
Eau Claire	C	未知	array bounds errors, null pointer dereferences, string functions	15 Feb 2005
Flawfinder	C/C++	免费	uses of risky functions, buffer overflow (strcpy()), format string ([v][f]printf()), race conditions (access(), chown(), and mktemp()), shell metacharacters (exec()), and poor random numbers (random()).	2005
Fluid	Java	联系	“analysis based verification” for attributes such as race conditions, thread policy, and object access with no false negatives	28 Oct 2005
ITS4	C, C++	免费	potentially dangerous function calls, with risk analysis of some	11 Feb 2005
Jlint	Java	免费	bugs, inconsistencies and synchronization problems	3 Feb 2006
K7	C, C++, and Java	Klocwork	Access problems, buffer overflow, injection flaws, insecure storage, unvalidated input, etc.	6 July 2005
LAPSE	Java	免费	helps audit Java J2EE applications for common types of security vulnerabilities found in Web applications.	19 Sep 2006
MILK	Java	免费	Milk is a security source code assessment tool using Orizon as API. Milk scans java and .NET source file in order to perform a security code review trying to point out safe coding best practices misuse.	19 Sep 2006
PHP-Sat	PHP	免费	static analysis tool, XSS, etc. description (http://ericbouwers.blogspot.com/ )	18 Sep 2006
PMD	Java	免费	questionable constructs, dead code, duplicate code	3 Feb 2006
PolySpace	Ada, C, C++	PolySpace Technologies	run-time errors, unreachable code	25 Feb 2005
PREfix and PREfast	C, C++	Microsoft proprietary		10 Feb 2006
Prevent	C, C++	Coverity	flaws and security vulnerabilities - reduces false positives while minimizing the likelihood of false negatives.	11 Mar 2005
Prexis	C, C++, Java, JSP, J2EE, STRUTS, “and more”	Ounce Labs	coding errors, design flaws, and policy violations	7 Dec 2005
QA-C, QA-C++, QA-J, QA-FORTRAN, QA-High-Integrity C	C, C++, Java, FORTRAN	Programming Research	out-of-bounds array indexing	10 Dec 2004
RATS	C	免费	potential security risks	2005
Resource Standard Metrics	C, C++, C#, and Java	M Squared Technologies	Scan for 50 readability or portability problems or questionable constructs, e.g. different number of “new” and “delete” key words or an assignment operator (=) in a conditional (if).	10 Dec 2004
Smatch	C	免费	simple scripts look for problems in simplified representation of code. primarily for Linux kernel code	20 Apr 2006
SoftCheck Inspector	Java	SofCheck	creates assertions for each module, tries to prove the system obeys assertions and the absence of runtime errors.	8 Jun 2006
SCA	ASP.NET, C, C++, C# and other .NET languages, Java, JSP, PL/SQL, T-SQL, VB.NET, XML	Fortify Software	security vulnerabilities, tainted data flow, etc.	21 Apr 2006
SCARE	C, maybe any lanuage	免费	The Source Code Analysis Risk Evaluation project is a study to create a security complexity metric that will analyze source code and provide a realistic and factual representation of the potential of that source code to create a problematic binary.	10 Dec 2007
Skavenger	php, but also used for any kind of source code file;	免费	Skavenger is a source code auditing tool written in php, works in the same way as egrep/sed with the possibility to parse more files at one run, or even an entire directory. Also can take a series of regular expressions from a file which to use simultaneously on the targeted file.	15 Dec 2007
SPARK tool set	SPARK (Ada subset)	Praxis	ambiguous constructs, data- and information-flow errors, any property expressible in first-order logic (Examiner, Simplifier, and SPADE)	29 Aug 2006
Splint	C	免费	security vulnerabilities and coding mistakes. with annotations, it performs stronger checks	2005
UNO	C	免费	uninitialized variables, null-pointers, and out-of-bounds array indexing and “allows for the specification and checking of a broad range of user-defined properties”. aims for a very low false alarm rate.	3 Feb 2006
Viva64<	C++	Viva64	finds problems in porting to 64-bit architecture, e.g. out-of-bounds indexing or arithmetic overflow.	07 Feb 2007
xg++	C	未知	kernel and device driver vulnerabilities in Linux and OpenBSD through range checking (http://www.stanford.edu/~engler/sp-ieee-02.pdf ) , etc.	15 Feb 2005
orizon	Java	免费	Orizon is a framework intended to provide tools and facilities to test java sources for security flaws. The main goal is to detect common threats as described in Owasp top 10 vulnerability document.	07 May 2007
Pixy	Php	免费(Free)	Pixy is a Java program that performs automatic scans of PHP 4 source code, aimed at the detection of XSS and SQL injection vulnerabilities.	27 June 2007