Modular static malicious JavaScript detection system
☆75Jan 18, 2021Updated 5 years ago
Alternatives and similar repositories for JStap
Users that are interested in JStap are comparing it to the libraries listed below
Sorting:
- (AST-based + variables' name info) malicious JavaScript detection system, concept from Zozzle☆16Nov 10, 2019Updated 6 years ago
- Syntactic detection of malicious (obfuscated) JavaScript files☆83Feb 1, 2020Updated 6 years ago
- Discovered Data and Source Code☆10May 5, 2025Updated 10 months ago
- ☆30Nov 29, 2021Updated 4 years ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆47Jan 25, 2022Updated 4 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆28Feb 26, 2022Updated 4 years ago
- A crawler that uses OpenWPM.☆12Dec 26, 2021Updated 4 years ago
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆21Mar 7, 2025Updated last year
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆80Nov 23, 2021Updated 4 years ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆26Nov 30, 2021Updated 4 years ago
- Corresponding code to "Improving Robustness of ML Classifiers against Realizable Evasion Attacks Using Conserved Features" @ USENIX Secur…☆11Aug 5, 2019Updated 6 years ago
- A instrumented variant of the V8 JavaScript Engine☆243Feb 24, 2026Updated last week
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆136Oct 5, 2022Updated 3 years ago
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆23Mar 30, 2020Updated 5 years ago
- ☆10Sep 4, 2020Updated 5 years ago
- ☆13Mar 19, 2022Updated 3 years ago
- Framework which makes large scale crawling of URLs with VisibleV8 easy.☆11Jan 28, 2026Updated last month
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆27Feb 14, 2024Updated 2 years ago
- CNN for detecting malicious PDF☆11Jul 25, 2024Updated last year
- Writeups of CTF challenges I do☆13Sep 29, 2019Updated 6 years ago
- A Vulnerable Web App written by JavaScript (Vue+Egg)☆12Oct 31, 2024Updated last year
- Library for scraping, parsing, and analyzing privacy policies.☆18Feb 8, 2023Updated 3 years ago
- ☆13Oct 31, 2022Updated 3 years ago
- Javascript AST to CFG converter☆21Jun 12, 2016Updated 9 years ago
- ☆15Jul 30, 2024Updated last year
- run all your test against a GitHub Pull request☆15May 26, 2023Updated 2 years ago
- The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of…☆115Jan 24, 2026Updated last month
- ☆16Dec 22, 2019Updated 6 years ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Jan 30, 2025Updated last year
- Indexing reachability for context-sensitive data flow analysis.☆12Jul 10, 2022Updated 3 years ago
- some codeql rules☆15Apr 6, 2020Updated 5 years ago
- This project aims to detect if a pdf file is clean or malicious using Machine Leaning Techniques☆22Apr 15, 2022Updated 3 years ago
- ☆17Jul 20, 2018Updated 7 years ago
- Defense from the 2020 Microsoft Evasion Competition☆17Apr 27, 2021Updated 4 years ago
- ☆22Mar 20, 2023Updated 2 years ago
- TamiFlex facilitates static analysis of programs that use reflection and custom class loaders☆44May 15, 2021Updated 4 years ago
- CTF stuff☆40Dec 5, 2022Updated 3 years ago
- A tool that automatically detects both the execution context of user input validation and also the content involved in the validation, to…☆46May 31, 2020Updated 5 years ago
- 2020 Machine Learning Security Evasion Competition☆49Aug 6, 2020Updated 5 years ago