BEESLab / Arcanum
Artifacts of the paper "Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content" in USENIX Security Symposium 2024
☆14Updated 8 months ago
Alternatives and similar repositories for Arcanum:
Users that are interested in Arcanum are comparing it to the libraries listed below
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆25Updated 3 years ago
- Modular static malicious JavaScript detection system☆69Updated 4 years ago
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆23Updated 5 years ago
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆74Updated 3 years ago
- JavaScript Transformation Techniques Detection☆10Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆154Updated last year
- ☆28Updated last year
- This repo list the core literature in the field of fuzzing test, large language model, and LLM-based fuzzer. Most of papers are selected …☆52Updated last year
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆133Updated 2 years ago
- ☆31Updated 6 months ago
- HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs☆43Updated 2 years ago
- Testability Pattern Catalogs for SAST☆30Updated 2 months ago
- ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?☆29Updated last year
- PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software (ISSTA 2024)☆19Updated last month
- A manually vetted dataset for security vulnerability detection in Java projects☆48Updated this week
- ☆26Updated 7 months ago
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆14Updated 2 weeks ago
- ☆48Updated 2 years ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆23Updated 3 years ago
- VulTrigger is a tool to for identifying vulnerability-triggering statements across functions and investigating the effectiveness of funct…☆33Updated last year
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆105Updated 4 months ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆43Updated 3 years ago
- ☆38Updated 2 years ago
- open science repo of "Neural Transfer Learning for Repairing Security Vulnerabilities in C Code" https://arxiv.org/pdf/2104.08308☆63Updated last year
- Data for LLM4Vuln☆12Updated last year
- SecLLMHolmes is a generalized, fully automated, and scalable framework to systematically evaluate the performance (i.e., accuracy and rea…☆55Updated 5 months ago
- Source code of PurPliance analysis tool.☆17Updated last year
- YuraScanner☆40Updated 2 months ago
- The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IE…☆44Updated last year
- CovRL-Fuzz: Fuzzing JavaScript Interpreters with Coverage-Guided Reinforcement Learning for LLM-Based Mutation☆24Updated 5 months ago