Alternatives and similar repositories for DongTai-engine

Users that are interested in DongTai-engine are comparing it to the libraries listed below

• Anemone95 / JSecCode
  A Vulnerable Web App written by JavaScript (Vue+Egg)
  ☆12Updated last year
• Ramos-dev / graph4code
  超硬核！使用图数据技术发现软件漏洞
  ☆185Updated 4 years ago
• TomAPU / WAF-rules
  ☆22Updated 6 years ago
• angelwhu / jvm-rasp
  基于JVM-Sandbox实现RASP安全监控防护
  ☆52Updated 2 years ago
• twosmi1e / Static-Analysis-and-Automated-Code-Audit
  静态分析及代码审计自动化相关资料收集
  ☆296Updated 3 years ago
• Anemone95 / taint-benchmark
  A benchmark to evaluate taint analysis
  ☆28Updated 3 years ago
• Marcono1234 / codeql-java-queries
  Personal CodeQL queries
  ☆63Updated last month
• lcatro / browser_vuln_check
  browser_vuln_check ,利用已知的浏览器漏洞PoC 来快速检测Webview 和浏览器环境是否存在安全漏洞,只需要访问run.html 即可获取所有扫描结果,适用场景包含:APP 发布之前的内部安全测试,第三方Webview 漏洞检测等(browser_vu…
  ☆118Updated 8 years ago
• blue-lotus / BCTF2018
  ☆35Updated 6 years ago
• sherlly / ciscn2018-pwn
  2018大学生信息安全国赛pwn出题docker
  ☆26Updated 7 years ago
• ZhuriLab / Exploits
  CVE exploits for Web, Windows, Linux and others are independently written by Zhuri Lab
  ☆46Updated 4 years ago
• jimocode / CodeInspector
  基于Java ASM技术和GadgetInspector的原理，尝试实现一个自动Java代码审计工具。目前做到了可控参数分析和数据流跟踪分析
  ☆37Updated 4 years ago
• D-3CTF / D3CTF-2019-Challenges
  ☆78Updated 5 years ago
• salmonx / dictionaries
  Fuzzing dictionaries for afl-fuzz/LibFuzzer
  ☆90Updated 4 years ago
• LeadroyaL / java_xxe_2019
  总结了一下2019年在JVM环境中使用XXE攻击的知识
  ☆58Updated 6 years ago
• 404notf0und / AI-for-Security-Landing
  企业级安全智能化实践
  ☆69Updated 3 years ago
• BytecodeDL / ByteCodeDL
  A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
  ☆342Updated last year
• grayddq / PypiScan
  这个脚本主要提供对pypi供应链的源头进行安全扫描研究，扫描并发现未知的恶意包情况。
  ☆28Updated 2 years ago
• soot-oss / TaintAnalysis
  Taint analysis implementation based on Heros and Soot
  ☆45Updated last year
• iiiusky / java_rasp_example
  ☆28Updated 5 years ago
• ODDFuzz / ODDFuzz
  S&P2023 Paper
  ☆39Updated 3 years ago
• Lonely-night / fastjson_gadgets_scanner
  ☆131Updated 3 years ago
• LyleMi / Browser-Fuzz-Summarize
  Browser Fuzz Summarize / 浏览器模糊测试综述
  ☆142Updated 5 years ago
• Feysh-Group / corax-community
  Corax for Java: A general static analysis framework for java code checking.
  ☆253Updated 10 months ago
• codeplutos / java-security-manager-bypass
  ☆151Updated 6 years ago
• wdeilim / Audit-Rules
  A curated list of audit rules which extract from Source Code Auditing tools.
  ☆15Updated 5 years ago
• 0Kee-Team / JavaProbe
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆203Updated 4 years ago
• threedr3am / gadgetinspector
  一个利用ASM对字节码进行污点传播分析的静态代码审计应用（添加了大量代码注释，适合大家进行源码学习）。也加入了挖掘Fastjson反序列化gadget chains和SQLInject（JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等）静…
  ☆454Updated 3 years ago
• h2-stack / LL-RASP
  Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
  ☆68Updated last week
• OSUSecLab / TaintMini
  Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
  ☆78Updated last year