a program that examines source code and reports possible security weaknesses (``flaws'') sorted by risk level. It's very useful for quickly finding and removing at least some potential security problems before a program is widely released to the public.
a tool for generating call graphs from source code. It supports various data collection methods such as using a patched compiler or objdump to collect proper information about the source and its layout. It currently supports C and C++ and comes with full