Tools


Static code analysis


  • Find Security Bugs : Static analysis tool for Java/Scala/Groovy web applications.
  • FxCop: Security Guard : Static analysis tool for C#/VB.NET applications.

Burp extensions


  • Reissue Request Scripter : Plugin that generates scripts to reproduce intercepted requests.
  • Image Metadata : Plugin that extracts metadata from images (integrates the existing libraries metadata-extractor and PNGJ).
  • Retire.js : Plugin to identify vulnerable JavaScript libraries (based on the Retire.js repository).
  • Rhinauditor : Plugin to do static analysis on intercepted JavaScript code. This plugin is experimental and at a very early stage of development.