Alternatives and similar repositories for JStap

Users that are interested in JStap are comparing it to the libraries listed below

• Aurore54F / JaSt
  Syntactic detection of malicious (obfuscated) JavaScript files
  ☆82Updated 5 years ago
• Aurore54F / static-pdg-js
  Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis
  ☆26Updated 3 years ago
• MarM15 / js-transformations
  JavaScript Transformation Techniques Detection
  ☆10Updated 4 years ago
• Aurore54F / HideNoSeek
  Static data flow-based analysis of JavaScript files to detect syntactic clones
  ☆23Updated 5 years ago
• cristianstaicu / SecBench.js
  ☆31Updated 8 months ago
• Aurore54F / DoubleX
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆75Updated 3 years ago
• Song-Li / ObjLupAnsys
  ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…
  ☆24Updated 3 years ago
• githubnext / amalfi-artifact
  Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
  ☆45Updated 3 years ago
• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆31Updated 4 months ago
• osssanitizer / maloss
  Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
  ☆134Updated 2 years ago
• Aurore54F / syntactic-jsdetector
  (AST-based + variables' name info) malicious JavaScript detection system, concept from Zozzle
  ☆16Updated 5 years ago
• secure-software-engineering / swan
  Security methods for WeAkNess detection
  ☆20Updated 3 months ago
• SunLab-GMU / PatchDB
  The public dataset in the paper "PatchDB: A Large-Scale Security Patch Dataset". This paper appears in the 51st Annual IEEE/IFIP Interna…
  ☆41Updated last year
• Song-Li / ODGen
  ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.
  ☆153Updated last year
• squizz617 / vuddy
  VUDDY: A Scalable and Accurate Vulnerable Code Clone Detector (S&P'17)
  ☆52Updated 4 months ago
• s3c2 / vfcfinder
  VFCFinder: Searching for the Missing Vulnerability Fixing Commits
  ☆29Updated last year
• Tricker-z / TPLite
  ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?
  ☆30Updated last year
• TQRG / secbench
  🪐 A Database of Existing Security Vulnerabilities Patches to Enable Evaluation of Techniques (single-commit; multi-language)
  ☆40Updated 2 months ago
• CGCL-codes / SCVDT
  Source Code Vulnerability Detection Tools（SCVDT）provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…
  ☆117Updated 4 years ago
• vulpecker / Vulpecker
  An Automated Vulnerability Detection System
  ☆60Updated 8 years ago
• NUS-Curiosity / VulZoo
  VulZoo: A Comprehensive Vulnerability Intelligence Dataset (ASE 2024 Demo)
  ☆51Updated 3 months ago
• geeksonsecurity / js-malicious-dataset
  This repository contains a list of pseudo-sorted malicious JavaScripts collected from time to time.
  ☆85Updated 2 years ago
• vuduclyunitn / software_supply_chain_papers
  This repository contains a list of papers about software supply chain
  ☆29Updated last year
• twelveand0 / CarrotsBlender
  holding data and processing code for the paper 'A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lesso…
  ☆20Updated 4 years ago
• dbrumley / redebug
  ReDeBug Source Code.
  ☆24Updated last year
• wrmelicher / ChromiumTaintTracking
  ☆19Updated 6 years ago
• rwnbiad105 / MPHunter
  MPHunter can detect malicious packages without explicit knowledge.
  ☆5Updated last year
• ConstantinT / jAEk
  This is the repository for JÄk. I created it as prototype during my masterthesis.
  ☆30Updated 7 years ago
• DeepSoftwareAnalytics / LibDB
  ☆34Updated 2 years ago
• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆27Updated 2 years ago