Splint is described as 'tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint' and is an app in the Development category. There are eight alternatives to Splint for a variety of platforms, including Windows, Linux, Online / Web-based, BSD and PortableApps.com. The best alternative is Cppcheck, which is both free and Open Source. Other great apps like Splint are Coverity Scan (Freemium), Flawfinder (Free, Open Source), lgtm.com (Free) and EDoC++ (Free, Open Source).
Cppcheck is an static analysis tool for C/C++ code. Unlike C/C++ compilers and many other analysis tools it does not detect syntax errors in the code. Cppcheck primarily detects the types of bugs that the compilers normally do not detect.
Coverity Scan Static Analysis allows to find and fix defects in your Java, C/C++ or C# open source project for free. It tests every line of code and potential execution path. The root cause of each defect is clearly explained, making it easy to fix bugs.
Flawfinder examines source code and reports possible security weaknesses (``flaws'') sorted by risk level. It's very useful for quickly finding and removing at least some potential security problems before a program is widely released to the public.
No screenshots yet
Flawfinder vs Splint opinions
pros, cons and recent comments
Is actively maintained and really fast. Works out of the box without configuration.
lgtm.com is a platform for code analytics. It's free to use for open source software; results for over 55k projects are readily available (add your own!), has automatic code review pull request integration (GitHub, Bitbucket, GitLab), and much more.
Parasoft’s C/C++test is the fully-integrated software testing solution for embedded safety-critical industries. Its automated software testing capabilities are also made for today’s high-velocity Agile DevOps environments.
VCG is an automated code security review tool that handles C/C++, Java, C#, VB and PL/SQL. It has a few features that should hopefully make it useful to anyone conducting code security reviews, particularly where time is at a premium: