Invizory / taintflow
TaintFlow, a framework for JavaScript dynamic information flow analysis.
☆16Updated last year
Related projects: ⓘ
- Performant taint analysis for Node.js☆46Updated last month
- Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale☆16Updated 3 years ago
- ☆28Updated last year
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆63Updated 2 years ago
- COVA - A static analysis tool to compute path conditions☆32Updated last year
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆16Updated 6 months ago
- Implementing taint tracking in WebAssembly as a part of the V8 Javascript Engine.☆21Updated 6 years ago
- Default query sets for Joern☆24Updated 2 years ago
- Static data flow-based analysis of JavaScript files to detect syntactic clones☆22Updated 4 years ago
- ☆47Updated 4 years ago
- libFuzzer-based JavaScript fuzzing using Bellard's QuickJS.☆73Updated 3 years ago
- Improving security and resilience of WebAssembly VMs/runtimes/parsers using fuzzing☆85Updated last month
- JavaScript virtual machine for WebAssembly and Taint Tracking security tool☆14Updated 6 years ago
- A tool that automatically detects both the execution context of user input validation and also the content involved in the validation, to…☆47Updated 4 years ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆22Updated 2 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆146Updated 7 months ago
- ☆13Updated last year
- Grammar-based fuzzing corpus generator☆39Updated last year
- ☆18Updated 5 years ago
- ☆45Updated this week
- Security methods for WeAkNess detection☆19Updated this week
- Testability Pattern Catalogs for SAST☆29Updated 6 months ago
- ☆25Updated last year
- ReDeBug Source Code.☆24Updated 9 months ago
- Benchmark apps for static analyzing native world of Android applications.☆11Updated 5 years ago
- 模糊测试种子库 comprehensive croups for fuzzing seeds with carfefully selected(rate=coverage/filesize)☆20Updated 3 years ago
- A Static Analysis Tool For Android Apps☆18Updated 2 years ago
- This is the project of LearnAFL.☆26Updated 4 years ago
- Toy implementation of a Automated Exploit Generation built on Angr; stiched using radare, pwntools, pyelftools, and Angrop.☆17Updated 2 years ago