Almost in every project I participated in I run http://findbugs.sourceforge.net/ on the code base and found it to be extremely helpful.

It has an Eclipse plug in, it can run standalone or using JNLP on the browser.

Only yesterday i used it to confirm that a suspicious class has an indirect reference to a non serializable class and hence itself is not serilaizable.

Highly recommended,