Fraunhofer-AISEC / codyzeView external linksLinks
Codyze is a static analyzer for Java, C, C++ based on code property graphs
☆91Jan 22, 2025Updated last year
Alternatives and similar repositories for codyze
Users that are interested in codyze are comparing it to the libraries listed below
Sorting:
- A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.☆410Updated this week
- Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…☆77Oct 14, 2024Updated last year
- A benchmark to evaluate taint analysis☆27Jun 20, 2022Updated 3 years ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Jan 30, 2025Updated last year
- ☆11Oct 10, 2018Updated 7 years ago
- Precision-guided context sensitivity for pointer analysis☆61Jul 2, 2023Updated 2 years ago
- A points-to and alias analysis benchmark suite☆41Sep 24, 2018Updated 7 years ago
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆68Dec 10, 2024Updated last year
- ☆28Jan 20, 2026Updated 3 weeks ago
- Indexing reachability for context-sensitive data flow analysis.☆12Jul 10, 2022Updated 3 years ago
- Neo4J visualisation tool for the Code Property Graph☆14May 17, 2021Updated 4 years ago
- Qilin: A New Framework for Supporting Fine-Grained Context-Sensitivity in Java Pointer Analysis☆146Jan 22, 2026Updated 3 weeks ago
- The Cloud Property Graph is based on a Code Property Graph and tries to connect static code analysis and Cloud runtime assessment.☆28Jan 22, 2025Updated last year
- Code Property Graph (CPG) frontend for binary applications and libraries.☆95Oct 28, 2021Updated 4 years ago
- A collection of POP exploits.☆30Feb 22, 2021Updated 4 years ago
- Doop - Framework for Java Pointer and Taint Analysis☆19Dec 14, 2018Updated 7 years ago
- COVA - A static analysis tool to compute path conditions☆40Jul 12, 2025Updated 7 months ago
- 基于Java ASM技术和GadgetInspector的原理,尝试实现一个自动Java代码审计工具。目前做到了可控参数分析和数据流跟踪分析☆39Oct 26, 2021Updated 4 years ago
- TSAR (Traits Static AnalyzeR)☆15May 3, 2024Updated last year
- Taint analysis implementation based on Heros and Soot☆45May 6, 2024Updated last year
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆26Feb 14, 2024Updated 2 years ago
- IFDS/IDE Solver for Soot and other frameworks☆254Updated this week
- T.J. Watson Libraries for Analysis, with front ends for Java, Android, and JavaScript, and many common static program analyses.☆833Feb 3, 2026Updated 2 weeks ago
- A step-by-step tutorial for Soot (a Java static analysis framework)☆449Dec 23, 2022Updated 3 years ago
- SymFusion: Hybrid Instrumentation for Concolic Execution☆18May 5, 2023Updated 2 years ago
- Interprocedural Distributive Environment algorithm implementation☆16Jul 16, 2015Updated 10 years ago
- MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs.☆194Oct 29, 2022Updated 3 years ago
- This repository contains all CrySL rules currently used in the crypto assistant CogniCrypt.☆16Dec 15, 2025Updated 2 months ago
- Open Source Software modified or written by Tetrane https://www.tetrane.com for the REVEN product.☆21Feb 9, 2023Updated 3 years ago
- The official repo of Doop, the declarative pointer analysis framework.☆203Jun 4, 2025Updated 8 months ago
- Proximal Gradient Analysis open source release based on our USENIX Security 2021 paper: "Fine Grained Dataflow Analysis with Proximal Gra…☆32Apr 29, 2021Updated 4 years ago
- ☆82Sep 3, 2021Updated 4 years ago
- 超硬核!使用图数据技术发现软件漏洞☆185Sep 1, 2021Updated 4 years ago
- This novel black-box web vulnerability scanner attempts to infer the state machine of the web application.☆19Mar 12, 2020Updated 5 years ago
- ☆18Sep 2, 2025Updated 5 months ago
- MagpieBridge LSP Framework --- A simple solution for your analysis IDE integration☆81Jul 14, 2025Updated 7 months ago
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆118Jun 21, 2021Updated 4 years ago
- A Static Code Feature Extraction Tool for Java and Android☆21Jun 7, 2023Updated 2 years ago
- Fuzzing framework to target native components of android applications☆22Oct 22, 2022Updated 3 years ago