Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
There are various ‘egg’ modules which contain patterns to scan for, it can scan through files recursively limited by file extension and logs results to an XML text file.
It’s also fairly easy to extend and add your own modules/eggs/languages.
Manual Static Analysis Tool Language Support
Languages it can scan for vulnerabilities are:
- ASP
- C
- C#
- Java
- JavaScript
- PHP
- Ruby
- Swift
You can download Mosca here:
Mosca-master.zip
Or read more here.
Read the rest of Mosca – Manual Static Analysis Tool To Find Bugs now! Only available at Darknet.