Alternatives and similar repositories for taintflow

Users that are interested in taintflow are comparing it to the libraries listed below

• nuprl / augur
  Performant taint analysis for Node.js
  ☆55Updated last year
• secure-software-engineering / COVA
  COVA - A static analysis tool to compute path conditions
  ☆37Updated 3 months ago
• adamdoupe / enemy-of-the-state
  This novel black-box web vulnerability scanner attempts to infer the state machine of the web application.
  ☆19Updated 5 years ago
• Aurore54F / HideNoSeek
  Static data flow-based analysis of JavaScript files to detect syntactic clones
  ☆23Updated 5 years ago
• Aurore54F / DoubleX
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆76Updated 3 years ago
• WSP-LAB / CRScope
  CRash Scope (CRScope) is a ML-guided crash classifier of a given JavaScript engine crash-dump file.
  ☆13Updated 6 years ago
• secure-software-engineering / secucheck
  Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…
  ☆18Updated 9 months ago
• mariussteffens / pmforce
  Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale
  ☆18Updated 4 years ago
• fast-sp-2023 / fast
  ☆29Updated 6 months ago
• Song-Li / ODGen
  ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.
  ☆157Updated last year
• nettrino / slowfuzz
  ☆54Updated 7 years ago
• wrmelicher / ChromiumTaintTracking
  ☆19Updated 6 years ago
• MoonLight-SteinsGate / LearnAFL
  This is the project of LearnAFL.
  ☆28Updated 5 years ago
• Song-Li / ObjLupAnsys
  ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…
  ☆25Updated 3 years ago
• WSP-LAB / js-test-suite
  A collection of JavaScript test suites from JavaScript engine & Test262 repositories.
  ☆21Updated 5 years ago
• elManto / StaticAnalysisQueries
  A set of Code-ql/Joern queries to find vulnerabilities
  ☆65Updated 4 years ago
• salmonx / seeds
  模糊测试种子库 comprehensive croups for fuzzing seeds with carfefully selected(rate=coverage/filesize)
  ☆23Updated 4 years ago
• unibuc-cs / river
  Fuzz testing framework for binary programs using AI
  ☆52Updated 2 years ago
• Fraunhofer-AISEC / codyze
  Codyze is a static analyzer for Java, C, C++ based on code property graphs
  ☆89Updated 9 months ago
• plume-oss / plume
  Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…
  ☆75Updated last year
• dbrumley / redebug
  ReDeBug Source Code.
  ☆24Updated last year
• awen-li / PolyCruise
  A Cross-Language Dynamic Information Flow Analysis.
  ☆25Updated 2 years ago
• WSP-LAB / Montage
  Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer
  ☆87Updated last year
• compsec-snu / fuzzorigin
  ☆18Updated 2 years ago
• AngoraFuzzer / FuzzingRealProgramBenchStatistics
  List the real world programs evaluated in fuzzing papers.
  ☆56Updated 6 years ago
• Aurore54F / JStap
  Modular static malicious JavaScript detection system
  ☆74Updated 4 years ago
• squizz617 / vuddy
  VUDDY: A Scalable and Accurate Vulnerable Code Clone Detector (S&P'17)
  ☆51Updated 9 months ago
• hksecurity / FuzzBuilder
  ☆47Updated 5 years ago
• wtwofire / A-systematic-review-of-fuzzing-based-on-machine-learning-techniques
  ☆10Updated 5 years ago
• sslab-gatech / freedom
  A DOM fuzzer
  ☆153Updated 3 years ago