Invizory / taintflowLinks
TaintFlow, a framework for JavaScript dynamic information flow analysis.
☆18Updated 2 years ago
Alternatives and similar repositories for taintflow
Users that are interested in taintflow are comparing it to the libraries listed below
Sorting:
- Performant taint analysis for Node.js☆55Updated last year
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆23Updated 5 years ago
- COVA - A static analysis tool to compute path conditions☆37Updated last month
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆76Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆155Updated last year
- ☆29Updated 3 months ago
- Fuzz testing framework for binary programs using AI☆52Updated last year
- ☆10Updated 5 years ago
- Modular static malicious JavaScript detection system☆71Updated 4 years ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Updated 7 months ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆24Updated 3 years ago
- ☆53Updated 7 years ago
- Testability Pattern Catalogs for SAST☆31Updated 6 months ago
- ☆22Updated 2 years ago
- The public dataset in the paper "PatchDB: A Large-Scale Security Patch Dataset". This paper appears in the 51st Annual IEEE/IFIP Interna…☆43Updated last year
- A set of Code-ql/Joern queries to find vulnerabilities☆64Updated 4 years ago
- A Cross-Language Dynamic Information Flow Analysis.☆24Updated 2 years ago
- A collection of JavaScript test suites from JavaScript engine & Test262 repositories.☆21Updated 4 years ago
- A points-to and alias analysis benchmark suite☆41Updated 6 years ago
- Securibench Micro is a benchmark for static analysis tools for security.☆26Updated 7 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- Mutation-guided mutation-based fuzz testing☆47Updated last year
- CRash Scope (CRScope) is a ML-guided crash classifier of a given JavaScript engine crash-dump file.☆13Updated 6 years ago
- A curated list of Grammar based fuzzing research papers, codes, tutorials☆124Updated 3 years ago
- VUDDY: A Scalable and Accurate Vulnerable Code Clone Detector (S&P'17)☆51Updated 7 months ago
- ☆16Updated 5 years ago
- ☆12Updated 4 years ago
- Ankou: Guiding Grey-box Fuzzing towards Combinatorial Difference (ICSE '20)☆54Updated 4 years ago
- Instrumentation framework for Node.js compliant to ECMAScript 2020 based on GraalVM.☆57Updated 7 months ago
- Indexing reachability for context-sensitive data flow analysis.☆12Updated 3 years ago