crypto-audit A static analysis tool for detecting non-FIPS-compliant cryptographic API usage in Java applications.