Aurore54F / JStap
Modular static malicious JavaScript detection system
☆69Updated 4 years ago
Alternatives and similar repositories for JStap:
Users that are interested in JStap are comparing it to the libraries listed below
- Syntactic detection of malicious (obfuscated) JavaScript files☆81Updated 5 years ago
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆23Updated 5 years ago
- JavaScript Transformation Techniques Detection☆10Updated 3 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆25Updated 3 years ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆130Updated 2 years ago
- ☆31Updated 6 months ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆43Updated 3 years ago
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆74Updated 3 years ago
- ☆28Updated 3 years ago
- Artifacts of the paper "Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content" in USENIX…☆13Updated 7 months ago
- Testability Pattern Catalogs for SAST☆30Updated last month
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆153Updated last year
- ☆26Updated last year
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆23Updated 3 years ago
- Home page of project "KB"☆121Updated last week
- (AST-based + variables' name info) malicious JavaScript detection system, concept from Zozzle☆16Updated 5 years ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆87Updated 2 months ago
- This repository contains a list of pseudo-sorted malicious JavaScripts collected from time to time.☆83Updated 2 years ago
- ☆46Updated last year
- A collection of test cases in the Java language. It contains examples for 112 different CWEs.☆53Updated 3 years ago
- ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)…☆88Updated last year
- ☆54Updated last year
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆114Updated 3 years ago
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆105Updated 3 months ago
- The public dataset in the paper "PatchDB: A Large-Scale Security Patch Dataset". This paper appears in the 51st Annual IEEE/IFIP Interna…☆40Updated last year
- VUDDY: A Scalable and Accurate Vulnerable Code Clone Detector (S&P'17)☆51Updated 2 months ago
- The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of…☆85Updated 4 months ago
- This repository contains a list of papers about software supply chain☆27Updated 10 months ago
- An Automated Vulnerability Detection System☆59Updated 8 years ago
- 🪐 A Database of Existing Security Vulnerabilities Patches to Enable Evaluation of Techniques (single-commit; multi-language)☆38Updated 2 years ago