I was browsing the plugins available for IntelliJ and came across this gem: http://findbugs.sourceforge.net/.
Hats off to the University of Maryland for this nifty little tool (it does not require IntelliJ). FindBugs does static analysis of your compiled project (it works on bytecode, so the code has to build first) and flags occurrences of known bad-code patterns. The general categories it reports are malicious code vulnerabilities (code that lets untrusted callers tamper with your internal state, such as a public static field that is not final, or a getter that hands back a reference to a mutable internal object), performance issues, “dodgy” code (dead code, abuse of statics, etc.), correctness issues, experimental (not totally sure what this one is yet), security issues, and threading issues. The integration with IntelliJ is pretty slick and I expect to get a fair bit of mileage out of this tool (plugins also exist for NetBeans and Eclipse).
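To make the categories concrete, here is a small Java class constructed for this post (it is not code from FindBugs or from the original article): each method ending in `Bad` carries a pattern FindBugs reports, and the method beside it shows the version that passes. The pattern identifiers in the comments are FindBugs' own bug-pattern names; the class name `FindBugsDemo`, the `users` table and the host names are made up for the example. Compile it and run FindBugs over the class files from the IDE plugin.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Date;

/**
 * Constructed example for illustrating FindBugs categories. Each *Bad method
 * triggers a FindBugs warning; the method next to it is the cleaned-up form.
 */
public class FindBugsDemo {

    // Malicious code vulnerability: a public static field that is not final can be
    // reassigned by any class on the classpath (MS_SHOULD_BE_FINAL).
    public static String[] ALLOWED_HOSTS_BAD = {"a.example", "b.example"};

    // Making the array final is not enough: its contents are still writable
    // (MS_MUTABLE_ARRAY). Keep it private and hand out a copy instead.
    private static final String[] ALLOWED_HOSTS = {"a.example", "b.example"};

    public static String[] allowedHosts() {
        return ALLOWED_HOSTS.clone();
    }

    private final Date created = new Date();

    // Malicious code vulnerability: returning the internal Date lets the caller
    // mutate our state via setTime() (EI_EXPOSE_REP).
    public Date getCreatedBad() {
        return created;
    }

    // Return a defensive copy so callers cannot change the stored value.
    public Date getCreated() {
        return new Date(created.getTime());
    }

    // Security: a non-constant SQL string built from caller input is passed to
    // execute (SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE); the Statement is also
    // never closed (ODR_OPEN_DATABASE_RESOURCE).
    public boolean userExistsBad(Connection c, String name) throws SQLException {
        Statement s = c.createStatement();
        return s.executeQuery("SELECT 1 FROM users WHERE name = '" + name + "'").next();
    }

    // Bind the input as a parameter and close resources with try-with-resources.
    public boolean userExists(Connection c, String name) throws SQLException {
        try (PreparedStatement ps = c.prepareStatement("SELECT 1 FROM users WHERE name = ?")) {
            ps.setString(1, name);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next();
            }
        }
    }

    // Correctness: comparing String contents with == only works for interned
    // strings, so a role read from a request will never match (ES_COMPARING_STRINGS_WITH_EQ).
    public boolean isAdminBad(String role) {
        return role == "admin";
    }

    // Compare with equals(), constant first so a null role is handled.
    public boolean isAdmin(String role) {
        return "admin".equals(role);
    }

    private int counter;

    public synchronized void increment() {
        counter++;
    }

    // Threading: the field is written under the lock but read without it, the
    // inconsistent-synchronization pattern FindBugs looks for (IS2_INCONSISTENT_SYNC).
    public int readBad() {
        return counter;
    }

    // Take the same lock for the read so the value is visible across threads.
    public synchronized int read() {
        return counter;
    }
}
```

The two "malicious code vulnerability" cases are worth a second look, because that category name is easy to misread: the warnings are not about code that is itself malicious but about code that leaves your internal state open to being tampered with by untrusted code loaded alongside it.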