Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
☆80Nov 23, 2021Updated 4 years ago
Alternatives and similar repositories for DoubleX
Users that are interested in DoubleX are comparing it to the libraries listed below
Sorting:
- ☆14Feb 11, 2023Updated 3 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆28Feb 26, 2022Updated 4 years ago
- ☆10Sep 25, 2024Updated last year
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- ☆15Sep 14, 2022Updated 3 years ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Jan 30, 2025Updated last year
- ☆12Jun 14, 2017Updated 8 years ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆82Mar 19, 2024Updated last year
- Subdomain finder☆10Mar 13, 2025Updated 11 months ago
- Extract parameters/paths from urls☆17Aug 2, 2020Updated 5 years ago
- Super IOCTL Basic Fuzzer☆16Sep 22, 2019Updated 6 years ago
- A tool for adding new lines to files, skipping duplicates and written in Rust!☆19May 8, 2025Updated 10 months ago
- SymFusion: Hybrid Instrumentation for Concolic Execution☆18May 5, 2023Updated 2 years ago
- A framework for identifying vulnerabilities in VS Code extensions☆19Jul 9, 2024Updated last year
- Toolchain to retrieve and parse privacy policies from websites as described in our paper "Unifying Privacy Policy Detection" by Henry Hos…☆17Apr 8, 2025Updated 11 months ago
- Bug Bounty Program Discovery tool, that discovers bug Bounty Program via security.txt file by default and you can use custom dork☆16Jul 17, 2022Updated 3 years ago
- A web browser with dynamic data-flow tracking enabled in the Javascript engine and DOM, based on Mozilla Firefox (https://github.com/mozi…☆163Feb 25, 2026Updated last week
- ☆22May 29, 2020Updated 5 years ago
- This is the repository for OVRSeen, a system and framework to perform network traffic and privacy policy analyses on VR apps.☆19Oct 27, 2023Updated 2 years ago
- apkizer is a mass downloader for android applications for all available versions.☆46Aug 11, 2021Updated 4 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- Rust语言安全相关分析☆23Jan 20, 2022Updated 4 years ago
- Windows Injection 101: from Zero to ROP (HITCON 2017)☆29Aug 27, 2017Updated 8 years ago
- Concurrency Paper☆115Jun 1, 2023Updated 2 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆165Jan 29, 2024Updated 2 years ago
- details about DIAL protocol vulnerabilities☆29Nov 24, 2023Updated 2 years ago
- ☆23Apr 1, 2021Updated 4 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆27Feb 14, 2024Updated 2 years ago
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆23Mar 30, 2020Updated 5 years ago
- Winstrument is a framework of modular scripts to aid in instrumenting Windows software using Frida for reverse engineering and attack sur…☆68Jul 12, 2020Updated 5 years ago
- ☆34Aug 28, 2024Updated last year
- The AntMonitor app and library for VPN-based traffic inspection on Android☆24May 1, 2025Updated 10 months ago
- FLOWMATRIX: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation, USENIX Security'22☆28Apr 17, 2023Updated 2 years ago
- ASLR Evasion, Egghunters, SEH Overwrites☆29Mar 6, 2021Updated 5 years ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- MemLock: Memory Usage Guided Fuzzing☆32Jun 30, 2020Updated 5 years ago
- CFG and scripts for fuzzing the PHP interpreter with Domato☆28Jan 4, 2020Updated 6 years ago
- A instrumented variant of the V8 JavaScript Engine☆243Feb 24, 2026Updated last week
- ☆32Jul 13, 2022Updated 3 years ago