Alternatives and similar repositories for DongTai-engine

Users that are interested in DongTai-engine are comparing it to the libraries listed below

• TomAPU / WAF-rules
  ☆22Updated 5 years ago
• grayddq / PypiScan
  这个脚本主要提供对pypi供应链的源头进行安全扫描研究，扫描并发现未知的恶意包情况。
  ☆29Updated last year
• ASTTeam / Semgrep
  《深入理解Semgrep》Finding vulnerabilities with Semgrep.
  ☆48Updated last year
• Conanjun / codeql_chinese
  CodeQL中文资料和常见使用解释。Chinese version of Codeql documents
  ☆9Updated 4 years ago
• haby0 / mark
  notes
  ☆27Updated 2 years ago
• angelwhu / jvm-rasp
  基于JVM-Sandbox实现RASP安全监控防护
  ☆52Updated last year
• HXSecurity / DongTai-Plugin-IDEA
  Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions suc…
  ☆27Updated last year
• Anemone95 / taint-benchmark
  A benchmark to evaluate taint analysis
  ☆30Updated 2 years ago
• bigBestWay / ice
  Use java instrument API without JAR file
  ☆45Updated 2 years ago
• BytecodeDL / soot-fact-generator
  generate facts from bytecode (source is https://github.com/plast-lab/doop-mirror/tree/master/generators)
  ☆23Updated 5 months ago
• 7hang / Android-IOS-Security
  移动安全
  ☆31Updated 4 years ago
• threedr3am / FindClassInJars
  个人用于在自动化挖掘gadget时，方便查找gadget chains中class所在jar包，以助于便捷审计测试gadget有效性的那么一个小工具。
  ☆60Updated 5 years ago
• iiiusky / java_rasp_example
  ☆28Updated 4 years ago
• Anemone95 / JSecCode
  A Vulnerable Web App written by JavaScript (Vue+Egg)
  ☆12Updated 6 months ago
• Monyer / xssee
  A js encode/decode simple tool for XSS
  ☆27Updated 5 years ago
• h2-stack / LL-RASP
  Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
  ☆59Updated last year
• 404notf0und / AI-for-Security-Landing
  企业级安全智能化实践
  ☆69Updated 3 years ago
• Ant-FG-Lab / non_RCE
  ☆41Updated 4 years ago
• HXSecurity / vulhub-compose
  vulhub-compose是一款屏蔽docker-compose的命令行工具，目的是降低火线平台社区用户使用vulhub靶场的难度，减少学习docker-compose的时间成本；同时，支持直接安装洞态IAST（原灵芝IAST）到vulhub靶场，用于漏洞复现、漏洞挖掘。
  ☆46Updated 4 years ago
• SummerSec / SPATool
  静态程序分析工具 主要生成方法的CFG和.java文件的AST
  ☆129Updated last year
• ODDFuzz / ODDFuzz
  S&P2023 Paper
  ☆39Updated 2 years ago
• wrlu / SecMobile
  移动安全检测平台，支持Android和iOS应用辅助分析。
  ☆46Updated 4 years ago
• jweny / check_jsonp_based_on_ast
  基于AST的JSONP劫持漏洞自动化挖掘
  ☆93Updated 4 years ago
• boundaryx / cloudrasp-log4j2
  一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…
  ☆123Updated 3 years ago
• cor0ps / codeql
  收集规则
  ☆30Updated 2 years ago
• Leeyuxun / CNN-WebShell-Detect-Tool
  基于卷积神经网络的WebShell检测工具，可以检测JSP和PHP类型文件，以opcode和bytecode作为检测特征，基于Django框架
  ☆17Updated 3 years ago
• threedr3am / GuanYu
  JVM runtime class loading protection agent.（JVM类加载保护agent）
  ☆48Updated 4 years ago
• LuckyC4t / gosec-m
  gosec动态规则修改版
  ☆12Updated 3 years ago
• Ramos-dev / graph4code
  超硬核！使用图数据技术发现软件漏洞
  ☆184Updated 3 years ago
• LeadroyaL / java_xxe_2019
  总结了一下2019年在JVM环境中使用XXE攻击的知识
  ☆57Updated 5 years ago