Brakeman alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

81

Alternative: Cppcheck

Cppcheck is a static code analysis tool for C and C++ code. It helps to discover bugs that would not be picked up by compilers, yet avoid any false positives.

64

Alternative: Jackhammer

Jackhammer is a collaboration tool to get security and developer teams together. Focus is on static code analysis and dynamic analysis vulnerability discovery.

The tool uses RBAC (Role Based Access Control) with different levels of access. Jackhammer uses several tools to do dynamic and static code analysis (e.g. for Java, Ruby, Python, and Nodejs). It checks also for vulnerabilities in libraries. Due to its modular architecture, it can use several scanners out of the box, with options to add your own.

The Jackhammer project was initially added to GitHub on the 8th of May, 2017.

Project details

Jackhammer is written in Ruby.

Strengths

  • + The source code of this software is available

Typical usage

  • collaboration
  • information sharing

Jackhammer project page

64

Alternative: PyT (Python Taint)

Python Taint (or PyT) is a static code analyzer for Python scripts and applications. It tries to discover vulnerabilities or other possible weaknesses.

Project details

PyT is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • code analysis

PyT project page