Aurore54F / DoubleXLinks
Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
☆75Updated 3 years ago
Alternatives and similar repositories for DoubleX
Users that are interested in DoubleX are comparing it to the libraries listed below
Sorting:
- Modular static malicious JavaScript detection system☆71Updated 4 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆154Updated last year
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆28Updated 3 years ago
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆111Updated 7 months ago
- Testability Pattern Catalogs for SAST☆31Updated 5 months ago
- ☆33Updated 10 months ago
- YuraScanner☆47Updated 5 months ago
- ☆54Updated 2 years ago
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits☆29Updated last year
- A web browser with dynamic data-flow tracking enabled in the Javascript engine and DOM, based on Mozilla Firefox (https://github.com/mozi…☆115Updated this week
- CodeQL queries developed by Trail of Bits☆108Updated 2 months ago
- VulZoo: A Comprehensive Vulnerability Intelligence Dataset | ASE 2024 Demo☆58Updated 4 months ago
- ☆48Updated last year
- ☆31Updated last month
- Large Language Model guided Protocol Fuzzing (NDSS'24)☆348Updated last month
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆23Updated 5 years ago
- A framework for identifying vulnerabilities in VS Code extensions☆18Updated last year
- An autonomous LLM-agent for large-scale, repository-level code auditing☆192Updated 3 weeks ago
- Performant taint analysis for Node.js☆55Updated last year
- [CCS'24] An LLM-based, fully automated fuzzing tool for option combination testing.☆85Updated 3 months ago
- TaintFlow, a framework for JavaScript dynamic information flow analysis.☆18Updated 2 years ago
- find relevant security papers published in the top-4 conferences (S&P, USENIX, CCS, NDSS)☆186Updated 11 months ago
- Fuzz anything with Program Environment Fuzzing☆389Updated 6 months ago
- MINER provided by the paper "MINER: A Hybrid Data-Driven Approach for REST API Fuzzing"☆40Updated 2 years ago
- ☆26Updated 2 years ago
- Hey folks, this is a repository for papers on LLM for Vuln. Detection area☆56Updated 4 months ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆77Updated 3 weeks ago
- ☆134Updated last year
- ☆29Updated 3 months ago
- CVE-Bench: A Benchmark for AI Agents’ Ability to Exploit Real-World Web Application Vulnerabilities☆73Updated 3 weeks ago