Fraunhofer-AISEC / codyze
Codyze is a static analyzer for Java, C, C++ based on code property graphs
☆88Updated 3 weeks ago
Alternatives and similar repositories for codyze:
Users that are interested in codyze are comparing it to the libraries listed below
- A collection of test cases in the Java language. It contains examples for 112 different CWEs.☆53Updated 3 years ago
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆66Updated 2 months ago
- Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…☆73Updated 4 months ago
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆90Updated 6 years ago
- Doop - Framework for Java Pointer and Taint Analysis☆17Updated 6 years ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆17Updated 3 weeks ago
- Home page of project "KB"☆117Updated 2 months ago
- AFL-based fuzzing for Java☆235Updated 5 years ago
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆112Updated 3 years ago
- Testability Pattern Catalogs for SAST☆29Updated this week
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆40Updated 3 years ago
- Phosphor: Dynamic Taint Tracking for the JVM☆171Updated last month
- Qilin: A New Framework for Supporting Fine-Grained Context-Sensitivity in Java Pointer Analysis☆128Updated last week
- COVA - A static analysis tool to compute path conditions☆32Updated 2 years ago
- Joana - Information Flow Control for Java☆91Updated 3 years ago
- A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.☆303Updated this week
- CogniCrypt_SAST: CrySL-to-Static Analysis Compiler☆70Updated 2 weeks ago
- Java taint propagation for java. Define tainted sources, sanitizer methods and sinks via aspects.☆28Updated 6 years ago
- Basic Gradle configuration and example drivers to get started with WALA☆29Updated 2 months ago
- Securibench Micro is a benchmark for static analysis tools for security.☆26Updated 6 years ago
- A set of Code-ql/Joern queries to find vulnerabilities☆57Updated 3 years ago
- The official repo of Doop, the declarative pointer analysis framework.☆173Updated this week
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆22Updated 3 years ago
- Works about detecting vulnerable using ML.☆83Updated 4 years ago
- Study WALA and static code analysis . This project introduces the required knowledge and study roadmap.☆21Updated 4 years ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆127Updated 2 years ago
- A dynamic symbolic analysis tool for Java☆116Updated 5 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆35Updated 4 years ago
- A static analysis tool for Java programs, based on the theory of code property graphs.☆18Updated last year
- VUDDY: A Scalable and Accurate Vulnerable Code Clone Detector (S&P'17)☆52Updated 3 weeks ago