Inspiration

We were inspired by srcML, a tool founded at Kent State, and wanted to build something that helps developers write safer code using it.

What it does

srcAnalyzer scans C++ code for common security issues like unsafe functions and buffer overflows. It gives users a security score and explains the risks in a simple way.

How we built it

We used srcML to convert code into XML, then analyzed that structure with Python to detect insecure patterns. We built a simple web interface using Flask, HTML, and CSS to display results.
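The approach described above, as an added sketch that is not srcAnalyzer's own code: Python's standard library walks srcML XML and flags calls to unbounded C string functions. The rule list, the function name `find_unsafe_calls` and the sample markup are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"src": "http://www.srcML.org/srcML/src"}  # srcML's element namespace

# Assumed rule list for illustration; the page does not show srcAnalyzer's checks.
UNSAFE_CALLS = {
    "strcpy": "copies until NUL with no destination bound",
    "strcat": "appends with no destination bound",
    "sprintf": "formats into a buffer with no size limit",
    "gets": "reads a line with no length limit",
}

# Constructed sample, shaped like srcML output for a small C++ function.
SAMPLE_SRCML = """<unit xmlns="http://www.srcML.org/srcML/src" language="C++" filename="demo.cpp">
<function><type><name>void</name></type> <name>greet</name><parameter_list>(<parameter><decl><type><specifier>const</specifier> <name>char</name><modifier>*</modifier></type> <name>input</name></decl></parameter>)</parameter_list> <block>{<block_content>
<decl_stmt><decl><type><name>char</name></type> <name>buf</name><index>[<expr><literal type="number">16</literal></expr>]</index></decl>;</decl_stmt>
<expr_stmt><expr><call><name>strcpy</name><argument_list>(<argument><expr><name>buf</name></expr></argument>, <argument><expr><name>input</name></expr></argument>)</argument_list></call></expr>;</expr_stmt>
<expr_stmt><expr><call><name><name>std</name><operator>::</operator><name>sprintf</name></name><argument_list>(<argument><expr><name>buf</name></expr></argument>, <argument><expr><name>input</name></expr></argument>)</argument_list></call></expr>;</expr_stmt>
<expr_stmt><expr><call><name>safe_copy</name><argument_list>(<argument><expr><name>buf</name></expr></argument>, <argument><expr><name>input</name></expr></argument>)</argument_list></call></expr>;</expr_stmt>
</block_content>}</block></function>
</unit>"""


def find_unsafe_calls(srcml_text):
    """Return one finding per call to a function listed in UNSAFE_CALLS."""
    root = ET.fromstring(srcml_text)
    findings = []
    for func in root.iterfind(".//src:function", NS):
        # The direct <name> child is the function name; the return type's
        # name is nested inside <type>, so it is not picked up here.
        func_name = "".join(func.find("src:name", NS).itertext())
        for call in func.iterfind(".//src:call", NS):
            name = call.find("src:name", NS)
            if name is None:
                continue
            # Qualified names are nested (<name>std</name>::<name>sprintf</name>),
            # so flatten the text and match on the last component.
            callee = "".join(name.itertext())
            base = callee.split("::")[-1]
            if base in UNSAFE_CALLS:
                args = "".join(call.find("src:argument_list", NS).itertext())
                findings.append({"function": func_name, "callee": callee,
                                 "args": args, "reason": UNSAFE_CALLS[base]})
    return findings


if __name__ == "__main__":
    for f in find_unsafe_calls(SAMPLE_SRCML):
        print(f"{f['function']}(): {f['callee']}{f['args']} -> {f['reason']}")
```

Matching on the `<call>` element rather than on raw text means a function name that appears in a comment or a string literal is not reported.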

Challenges we ran into

We had to learn how to work with srcML, parse XML correctly, and connect our backend analysis to the frontend. Managing GitHub collaboration and merging code was also challenging.

Accomplishments that we're proud of

We successfully built a working static analyzer that can detect real security issues and present them clearly. We also worked effectively as a team and integrated both frontend and backend.

What we learned

We learned how static code analysis works, how to use srcML, and how to collaborate using GitHub. We also improved our skills in Python, web development, and debugging.

What's next for srcAnalyzer

We want to support more programming languages, add more advanced security checks, improve accuracy, and enhance the user interface with better visualizations and real-time feedback.
