.svg){kind=icon}
Here at Pa11y, we think making the web more accessible improves it for everyone. So we publish a range of free and open source tools to help designers and developers make their web pages more accessible.
Fearless refactoring, it does a lot of smart checks to find certain errors.
The Easiest way to add coding standard to your PHP project.
Easy Coding Standard focuses on easy run, setup, and use. From composer requirement through the automated setup to the config.
The ubiquitous test and mock framework for PowerShell.
The Universal Code Beautifier.
Single beautifier abstracting multiple beautifiers for multiple languages.
PHP Benchmarking framework.
PHPBench is a benchmark runner for PHP analogous to PHPUnit but for performance rather than correctness.
A vulnerability scanner for container images and filesystems.
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration with ASPM/VM platforms and in CI environments.
Knip finds unused files, dependencies and exports in your JavaScript and TypeScript projects.
CI/CD Security Analyzer.
RAVEN (Risk Analysis and Vulnerability Enumeration for CI/CD) is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database.
An extensible multilanguage static code analyzer.
PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports many languages. It can be extended with custom rules. It uses JavaCC and Antlr to parse source files into abstract syntax trees (AST) and runs rules against them to find violations. Rules can be written in Java or using a XPath query.
Kubernetes-native CI/CD building blocks.
Tekton is a powerful yet flexible Kubernetes-native open source framework for creating continuous integration and delivery (CI/CD) systems. It lets you build, test, and deploy across multiple cloud providers or on-premises systems by abstracting away the underlying implementation details.
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
A vulnerability scanner for container images and filesystems.
Lfi Scan Tool.
LFI Space is a robust and efficient tool designed to detect Local File Inclusion (LFI) vulnerabilities in web applications. This tool simplifies the process of identifying potential security flaws by leveraging two distinct scanning methods: Google Dork Search and Targeted URL Scan. With its comprehensive approach, LFI Space assists security professionals, penetration testers, and ethical hackers in assessing the security posture of web applications.
Flow is a static type checker for JavaScript.
scissors Find unused files, dependencies and exports in your JavaScript and TypeScript projects. Knip it before you ship it!
Declarative CLI Version Manager. Unify tool versions in teams, projects, and CI. Easy, painless, and secure.
Declarative CLI Version manager written in Go. Support Lazy Install, Registry, and continuous update with Renovate. CLI version is switched seamlessly
A fully functional local cloud stack. Develop and test your cloud and serverless
apps offline!
LocalStack is an easy-to-use test/mocking framework for developing cloud applications. Using LocalStack, you can spin up a local test environment in seconds, and get the same functionality you would get from a real AWS environment.
Smart automation for DevOps teams and CI/CD pipelines. The AKEless Build System for C#/.NET.