SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with support of its community.
Pretty print the result of Android lint tool. Would work great when you run lint as part of continuous integration flow.
Hopper is a goal-directed static analysis tool for languages that run on the JVM. It is a much-improved and more feature-full version of Thresher written in Scala rather than Java.
Meet detekt, a static code analysis tool for the Kotlin programming language. It operates on the abstract syntax tree provided by the Kotlin compiler.
An example project with SonarQube integration for proper code review and code structuring.
Soot is a Java optimization framework. It provides four intermediate representations for analyzing and transforming Java bytecode:
This project adds gradle setup for quality tools like CheckStyle, FindBugs, PMD and Lint to Android project via shell script. After adding this, we can easily increase quality of the project by static code analysis.
An anti-bikeshedding Kotlin linter with built-in formatter.
This is an extension for Android Lint. Rock your Android.
Custom Lint checks for Android development.
A basic, Gradle-based project template for writing custom Android Lint rules.
Quick Android Review Kit - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands, capable of exploiting many of the vulnerabilities it finds. There is no need to root the test device, as this tool focuses on vulnerabilities that can be exploited under otherwise secure conditions.
Prettier display of Android Lint issues.
Infer is a static analysis tool for Java, Objective-C and C, written in OCaml.
Catch common Java mistakes as compile-time errors.
Androwarn is a tool whose main aim is to detect and warn the user about potential malicious behaviors developed by an Android application.
The detection is performed with the static analysis of the application's Dalvik bytecode, represented as Smali.
This analysis leads to the generation of a report, according to a technical detail level chosen from the user.
APKinspector is a powerful GUI tool for analysts to analyze the Android applications.
ApkAnalyser is a static, virtual analysis tool for examining and validating the development work of your Android app. It's a complete tool chain which supports modification of the binary application with more printouts.
You are then able to repack, install, run and verify the result from logcat. ApkAnalyser also supports resource analysis, and you can decode XML, look up resource references and detect potential issues in your app.
Thresher is a static analysis tool that specializes in checking heap reachability properties. Its secret sauce is using a coarse up-front points-to analysis to focus a precise symbolic analysis on the alarms reported by the points-to analysis.
The Android lint tool is a static code analysis tool that checks your Android project source files for potential bugs and optimization improvements for correctness, security, performance, usability, accessibility, and internationalization.