HXSecurity / DongTai-engineLinks
This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, …
☆20Updated 3 years ago
Alternatives and similar repositories for DongTai-engine
Users that are interested in DongTai-engine are comparing it to the libraries listed below
Sorting:
- ☆22Updated 6 years ago
- 超硬核!使用图数据技术发现软件漏洞☆185Updated 4 years ago
- 静态分析及代码审计自动化相关资料收集☆298Updated 3 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆53Updated 2 years ago
- Personal CodeQL queries☆63Updated last month
- 2018大学生信息安全国赛pwn出题docker☆26Updated 7 years ago
- This project contains the challenges & writeups for LANCTF 2019☆15Updated 6 years ago
- browser_vuln_check ,利用已知的浏览器漏洞PoC 来快速检测Webview 和浏览器环境是否存在安全漏洞,只需要访问run.html 即可获取所有扫描结果,适用场景包含:APP 发布之前的内部安全测试,第三方Webview 漏洞检测等(browser_vu…☆118Updated 8 years ago
- A Vulnerable Web App written by JavaScript (Vue+Egg)☆12Updated last year
- A benchmark to evaluate taint analysis☆28Updated 3 years ago
- ☆28Updated 5 years ago
- 基于Java ASM技术和GadgetInspector的原理,尝试实现一个自动Java代码审计工具。目前做到了可控参数分析和数据流跟踪分析☆39Updated 4 years ago
- Google V8 with OpenRASP builtins☆56Updated 4 years ago
- ☆35Updated 7 years ago
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆344Updated 2 years ago
- IoT漏洞检测平台,支持固件第三方库版本分析。移动安全相关功能移至SecMobile。☆116Updated 5 years ago
- Corax for Java: A general static analysis framework for java code checking.☆254Updated last year
- 企业级安全智能化实践☆70Updated 3 years ago
- Some Docker for CTF environments☆37Updated 7 years ago
- CVE exploits for Web, Windows, Linux and others are independently written by Zhuri Lab☆46Updated 5 years ago
- S&P2023 Paper☆39Updated 3 years ago
- ☆153Updated 6 years ago
- ☆131Updated 3 years ago
- Browser Fuzz Summarize / 浏览器模糊测试综述☆142Updated 5 years ago
- A curated list of audit rules which extract from Source Code Auditing tools.☆15Updated 5 years ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆184Updated last year
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Updated 6 years ago
- SCTF2020☆86Updated 5 years ago
- 这个脚本主要提供对pypi供应链的源头进行安全扫描研究,扫描并发现未知的恶意包情况。☆28Updated 2 years ago
- Low-level RASP: Protecting Applications Implemented in High-level Programming Languages☆69Updated 3 months ago