...Static Code Analysis

Get SQL statement from Java code: https://github.com/szalek/code_analyzer_sql

Dependency check (Java / Maven): https://jeremylong.github.io/DependencyCheck/dependency-check-cli/index.html

Crawling content by wget: http://blog.michalszalkowski.com/other/crawling-content-by-wget/

SonarQube – Security-related rules: https://docs.sonarqube.org/display/SONAR/Security-related+rules#Security-relatedrules-OWASPTop10