- Fuzzing:
- rats
- DevSkim
- flawfinder (additionally contains another list of tools)
- clint
- OCLint
- ESLint
- PHPLint
- SonarQube
- sparse
- Clang Static Analyzer
- pscan
- Cppcheck
- mops
- Bandit
- Stanse
- Spike PHP Security Audit Tool
- its4
- graudit
- FindBugs
- JSPrime
- Retire.js
- PMD
- Milk
- lapse-plus
- sqlmap
- The Mole
- skavenger
- websecurify
- skipfish
- Grabber
- watobo
- smatch
- Valgrind
- OWASP Tools
- List of tools for static code analysis
- mustache-security - A wiki dedicated to JavaScript MVC security pitfalls
- Kali Linux Linux distribution with security tools (has grown out of Backtrack so if anyone suggests Backtrack, you actually want to use Kali)
