Aurore54F / DoubleXLinks
Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
☆76Updated 3 years ago
Alternatives and similar repositories for DoubleX
Users that are interested in DoubleX are comparing it to the libraries listed below
Sorting:
- Modular static malicious JavaScript detection system☆71Updated 4 years ago
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆111Updated 8 months ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆28Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆155Updated last year
- Testability Pattern Catalogs for SAST☆31Updated 6 months ago
- ☆33Updated 10 months ago
- ☆54Updated 2 years ago
- ☆48Updated last year
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆23Updated 5 years ago
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits☆29Updated last year
- A web browser with dynamic data-flow tracking enabled in the Javascript engine and DOM, based on Mozilla Firefox (https://github.com/mozi…☆116Updated 3 weeks ago
- VulZoo: A Comprehensive Vulnerability Intelligence Dataset | ASE 2024 Demo☆60Updated 5 months ago
- CodeQL queries developed by Trail of Bits☆112Updated 2 months ago
- A framework for identifying vulnerabilities in VS Code extensions☆18Updated last year
- YuraScanner☆48Updated 6 months ago
- Home page of project "KB"☆128Updated 5 months ago
- ☆31Updated 2 months ago
- Performant taint analysis for Node.js☆55Updated last year
- Buttercup CRS as submitted to the AIxCC Final Competition☆59Updated last month
- TaintFlow, a framework for JavaScript dynamic information flow analysis.☆18Updated 2 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆151Updated last year
- Security Harness Engineering for Robust Program Analysis☆67Updated last week
- ☆29Updated 3 months ago
- An autonomous LLM-agent for large-scale, repository-level code auditing☆215Updated last month
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆135Updated 2 years ago
- ☆79Updated last week
- AUSERA: Automated Security Vulnerability Detection for Android Apps☆32Updated 10 months ago
- A collection of test cases in the Java language. It contains examples for 112 different CWEs.☆57Updated 4 years ago
- ☆26Updated 2 years ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆89Updated 7 months ago