OWASP Find Security Bugs
Find Security Bugs is a SpotBugs plugin for security audits of Java web applications and Android applications. It can detect 128 different vulnerability types including Command Injection, XPath Injection, SQL/HQL Injection, XXE and Cryptography weaknesses. SpotBugs is a static analysis tool that targets Java but also works with Groovy, Scala and Kotlin projects.
This software is released under LGPL.
Theses are the current priorities:
The complete roadmap is kept up to date on GitHub in the milestones section.
Involvement in the development and promotion of Find Security Bugs is actively encouraged!
You can contribute by :
The project's development is supported by GoSecure since 2016.