Invizory / taintflow

Related projects: ⓘ

• nuprl / augur
  Performant taint analysis for Node.js
  ☆46Updated last month
• mariussteffens / pmforce
  Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale
  ☆16Updated 3 years ago
• cristianstaicu / SecBench.js
  ☆28Updated last year
• Aurore54F / DoubleX
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆63Updated 2 years ago
• secure-software-engineering / COVA
  COVA - A static analysis tool to compute path conditions
  ☆32Updated last year
• secure-software-engineering / secucheck
  Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…
  ☆16Updated 6 months ago
• wfus / WebAssembly-Taint
  Implementing taint tracking in WebAssembly as a part of the V8 Javascript Engine.
  ☆21Updated 6 years ago
• joernio / query-database
  Default query sets for Joern
  ☆24Updated 2 years ago
• Aurore54F / HideNoSeek
  Static data flow-based analysis of JavaScript files to detect syntactic clones
  ☆22Updated 4 years ago
• hksecurity / FuzzBuilder
  ☆47Updated 4 years ago
• guidovranken / libfuzzer-js
  libFuzzer-based JavaScript fuzzing using Bellard's QuickJS.
  ☆73Updated 3 years ago
• FuzzingLabs / wasm_runtimes_fuzzing
  Improving security and resilience of WebAssembly VMs/runtimes/parsers using fuzzing
  ☆85Updated last month
• aronszanto / wasm-taint-tracking
  JavaScript virtual machine for WebAssembly and Taint Tracking security tool
  ☆14Updated 6 years ago
• OSUSecLab / InputScope
  A tool that automatically detects both the execution context of user input validation and also the content involved in the validation, to…
  ☆47Updated 4 years ago
• Song-Li / ObjLupAnsys
  ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…
  ☆22Updated 2 years ago
• Song-Li / ODGen
  ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.
  ☆146Updated 7 months ago
• compsec-snu / fuzzorigin
  ☆13Updated last year
• Rog3rSm1th / kharma
  Grammar-based fuzzing corpus generator
  ☆39Updated last year
• wrmelicher / ChromiumTaintTracking
  ☆18Updated 5 years ago
• marcinguy / fuzzer
  ☆45Updated this week
• secure-software-engineering / swan
  Security methods for WeAkNess detection
  ☆19Updated this week
• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆29Updated 6 months ago
• vasumv / bonsai-fuzzing
  ☆25Updated last year
• dbrumley / redebug
  ReDeBug Source Code.
  ☆24Updated 9 months ago
• arguslab / NativeFlowBench
  Benchmark apps for static analyzing native world of Android applications.
  ☆11Updated 5 years ago
• salmonx / seeds
  模糊测试种子库 comprehensive croups for fuzzing seeds with carfefully selected(rate=coverage/filesize)
  ☆20Updated 3 years ago
• ylya / horndroid
  A Static Analysis Tool For Android Apps
  ☆18Updated 2 years ago
• MoonLight-SteinsGate / LearnAFL
  This is the project of LearnAFL.
  ☆26Updated 4 years ago
• rudyerudite / AngErza
  Toy implementation of a Automated Exploit Generation built on Angr; stiched using radare, pwntools, pyelftools, and Angrop.
  ☆17Updated 2 years ago