NicolaasWeideman / RegexStaticAnalysis
A tool to perform static analysis on regexes to determine whether they are vulnerable to ReDoS.
☆110Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for RegexStaticAnalysis
- ☆141Updated last year
- Instrumentation framework for Node.js compliant to ECMAScript 2020 based on GraalVM.☆53Updated last month
- Type Analyzer for JavaScript☆194Updated 4 years ago
- An automatic testing tool for Java software☆24Updated 6 years ago
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆88Updated 6 years ago
- An automated tool for the detection of regexes' slow-matching vulnerabilities.☆155Updated 2 years ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆87Updated 2 weeks ago
- This is the repository for JÄk. I created it as prototype during my masterthesis.☆30Updated 6 years ago
- WALA analyses and tools that are implemented in JavaScript☆82Updated 8 years ago
- Generic SAST Library☆124Updated last week
- Analyse package dependency networks at the call graph level☆92Updated 11 months ago
- TaintFlow, a framework for JavaScript dynamic information flow analysis.☆17Updated last year
- Performant taint analysis for Node.js☆49Updated 3 months ago
- Creates a CFG from JavaScript source code.☆65Updated 2 months ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆34Updated 4 years ago
- A delta debugger for JavaScript☆51Updated 2 years ago
- Personal CodeQL queries☆58Updated this week
- Heaps Don't Lie! Analyzes standard JVM and Android heap snapshots to improve the completeness of program analysis tools such as Doop.☆14Updated 6 months ago
- ☆28Updated last month
- The official repo of Doop, the declarative pointer analysis framework.☆164Updated 2 weeks ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆23Updated 8 months ago
- The trustworthy ReDoS checker☆249Updated this week
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆66Updated 7 months ago
- JoanAudit - A security slicing tool that helps security auditors to perform their security auditing tasks more efficiently☆10Updated 7 years ago
- coverage guided fuzz testing for java☆228Updated 3 years ago
- Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale☆17Updated 3 years ago
- A Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and sup…☆190Updated 4 months ago
- Static checker for Java☆84Updated 11 months ago
- Phosphor: Dynamic Taint Tracking for the JVM☆166Updated 3 months ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆16Updated 7 months ago