Yasca – Multi-Language Static Analysis Toolset

Cybertroopers storming your ship?

Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It’s basically a tool-kit for multi-language static analysis.

Yasca can scan source code written in Java, C/C++, HTML, JavaScript, ASP, ColdFusion, PHP, COBOL, .NET, and other languages

Yasca - Multi-Language Static Analysis Toolset

It leverages on external open source programs, such as:

Yasca can be used to scan specific file types, and also contains many custom scanners developed just for it. It is a command-line tool that generates reports in HTML, CSV, XML, SQLite, and other formats. Yasca is easily extensible via a plugin-based architecture, so scanning any particular file is as simple as coming up with the rules or integrating external tools. Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute.

Yasca is written in command-line PHP and released under the BSD license.


You can download Yasca here:


Or read more here.

Posted in: Programming, Security Software

, , , , , , , , ,

Recent in Programming:
- Frida – Dynamic Code Instrumentation Toolkit
- YARA – Pattern Matching Tool For Malware Analysis
- american fuzzy lop – Security Oriented Fuzzing Tool

Related Posts:

Most Read in Programming:
- FLARE – Flash Decompiler to Extract ActionScript - 66,519 views
- Modern Exploits – Do You Still Need To Learn Assembly Language (ASM) - 26,737 views
- 4f: The File Format Fuzzing Framework - 23,864 views

Malwarebytes Anti-Exploit Premium | 1 Year 1 PC for $24.95

Comments are closed.