Aurore54F / JStap
Modular static malicious JavaScript detection system
☆69Updated 4 years ago
Alternatives and similar repositories for JStap:
Users that are interested in JStap are comparing it to the libraries listed below
- Syntactic detection of malicious (obfuscated) JavaScript files☆81Updated 5 years ago
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆23Updated 5 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆25Updated 3 years ago
- JavaScript Transformation Techniques Detection☆10Updated 3 years ago
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆74Updated 3 years ago
- ☆31Updated 6 months ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆133Updated 2 years ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆43Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆154Updated last year
- Testability Pattern Catalogs for SAST☆30Updated 2 months ago
- A fork of Bandit tool with patterns to identifying malicious python code.☆25Updated 2 years ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆23Updated 3 years ago
- The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of…☆86Updated 2 weeks ago
- (AST-based + variables' name info) malicious JavaScript detection system, concept from Zozzle☆16Updated 5 years ago
- This repository contains a list of pseudo-sorted malicious JavaScripts collected from time to time.☆83Updated 2 years ago
- ☆28Updated last year
- A collection of test cases in the Java language. It contains examples for 112 different CWEs.☆54Updated 3 years ago
- Artifacts of the paper "Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content" in USENIX…☆14Updated 8 months ago
- Home page of project "KB"☆123Updated 3 weeks ago
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits☆27Updated last year
- Static analysis to detect taint in java programs☆9Updated 11 years ago
- ☆28Updated 3 years ago
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆105Updated 4 months ago
- ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)…☆90Updated last year
- This is the repository for JÄk. I created it as prototype during my masterthesis.☆30Updated 7 years ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆75Updated last month
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆116Updated 3 years ago
- This repository contains a list of papers about software supply chain☆27Updated 11 months ago
- CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software☆242Updated 8 months ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆87Updated 3 months ago