VCG is an automated code security review tool that handles C/C++, Java, C#, VB and PL/SQL. It was created by Nick Dunn and John Murray.

It has a few features that should hopefully make it useful to anyone conducting code security reviews, particularly where time is at a premium:

1. In addition to performing some more complex checks, it also has a config file for each language that basically allows you to add any bad functions (or other text) that you want to search for.
2. It attempts to find a range of around 20 phrases within comments that can indicate broken code (“ToDo”, “FixMe”, “Kludge”, etc.).
3. It provides a nice pie chart (for the entire codebase and for individual files) showing relative proportions of code, whitespace, comments, ‘ToDo’ style comments and bad code…

VisualCodeGrepper Alternatives

| # | App Name | Features | Platforms | Price | Website Link |
|---|---|---|---|---|---|
| 2 | Flawfinder | | Linux Windows | Free | Website |
| 3 | EDoC++ | | Windows | Free | Website |
| 4 | Cppcheck | | Eclipse Windows Linux PortableApps.com | Free | Website |
| 5 | PVS-Studio | GCC C Preprocessor (cpp) clang MinGW | Windows Microsoft Visual Studio Linux | Commercial | Website |
| 6 | PC-lint | | Mac Windows Linux | Commercial | Website |
| 7 | Coverity Scan | Web | Mac Windows BSD Linux | Freemium | Website |
| 8 | Infer | | Linux | Free | Website |
| 9 | SonarQube | Web | Mac Windows Linux | Freemium | Website |
| 10 | Splint | Discontinued | Windows Linux | Free | Website |
| 11 | lgtm.com | | Web | Free | Website |
| 12 | Clang Static Analyzer | Xcode | Mac | Free | Website |