I am looking for an open source static source code analysis tool that can be used for security testing of an android application. I need to make sure that my application is PCI compliant.
An example of a non-open source tool is Fortify.
Anyone can help in providing a list of recommended software?
PMD and FindBugs are some of the best Static code analysers that I have worked on. You can try them. You can add your own rule and delete some of the existing ones from them.
https://www.sparkred.com/blog/open-source-java-static-code-analyzers/
There are so many open source tools for Source Code Analysis Tool For Java like Dependometer,FindBugs,QJ-Pro etc.
For more details with lists.
Another link
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With