Konano / ReqsMinerLinks
[NDSS 2024] ReqsMiner is an innovative fuzzing framework developed to discover previously unexamined inconsistencies in CDN forwarding requests. The framework uses techniques derived from reinforcement learning to generate valid test cases, even with minimal feedback, and incorporates real field values into the grammar-based fuzzer.
☆25Updated last year
Alternatives and similar repositories for ReqsMiner
Users that are interested in ReqsMiner are comparing it to the libraries listed below
Sorting:
- ☆27Updated 3 years ago
- Grammar-based HTTP/2 fuzzer with mutation ability☆47Updated 3 years ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆75Updated last year
- Artifact for ICSE 2023☆50Updated 3 years ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆97Updated 2 years ago
- ☆16Updated 2 years ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆184Updated last year
- 漏洞规则库是一个致力于帮助开发者识别和避免常见安全漏洞的开源项目。我们收集、整理和分析各类编程语言和常用库中的安全漏洞模式,并提供相应的防范措施和最佳实践。☆38Updated 5 months ago
- ☆27Updated last year
- A grey-box web application Fuzzer☆25Updated last year
- ☆18Updated last year
- ☆41Updated 3 years ago
- ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection☆81Updated 3 years ago
- Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation☆14Updated 6 months ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆37Updated 5 years ago
- The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents☆50Updated 4 months ago
- ☆60Updated 2 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor…☆128Updated 10 months ago
- Challenge attachments for RWCTF 3rd.☆91Updated 4 years ago
- YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, d…☆240Updated 2 weeks ago
- ☆22Updated 3 years ago
- ☆64Updated 4 years ago
- Collect public CTF source code repo☆48Updated 4 years ago
- ☆42Updated 3 years ago
- Witcher is the first framework for using AFL to fuzz web applications.☆104Updated 2 years ago
- YuraScanner☆71Updated 11 months ago
- ☆16Updated 2 years ago
- Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)☆13Updated last year
- A set of Code-ql/Joern queries to find vulnerabilities☆67Updated 4 years ago