NicolaasWeideman / RegexStaticAnalysis

Related projects ⓘ

Alternatives and complementary repositories for RegexStaticAnalysis

• superhuman / rxxr2
  ☆141Updated last year
• 2bdenny / ReScue
  An automated tool for the detection of regexes' slow-matching vulnerabilities.
  ☆154Updated 2 years ago
• davisjam / vuln-regex-detector
  Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
  ☆320Updated 2 years ago
• sola-da / ReDoS-vulnerabilities
  A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-con…
  ☆58Updated 6 years ago
• wala / jsdelta
  A delta debugger for JavaScript
  ☆51Updated 2 years ago
• cristianstaicu / SecBench.js
  ☆28Updated last month
• Haiyang-Sun / nodeprof.js
  Instrumentation framework for Node.js compliant to ECMAScript 2020 based on GraalVM.
  ☆53Updated last month
• JacksonGL / NPM-Vuln-PoC
  Vulnerabilities discovered in npm packages [Berkeley PL & Security Research]
  ☆42Updated 4 months ago
• ConstantinT / jAEk
  This is the repository for JÄk. I created it as prototype during my masterthesis.
  ☆30Updated 6 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• Fraunhofer-AISEC / codyze
  Codyze is a static analyzer for Java, C, C++ based on code property graphs
  ☆87Updated this week
• wala / JS_WALA
  WALA analyses and tools that are implemented in JavaScript
  ☆82Updated 8 years ago
• Invizory / taintflow
  TaintFlow, a framework for JavaScript dynamic information flow analysis.
  ☆17Updated last year
• SAP-archive / node-rasp
  An extended Node.js runtime with additional security mechanisms built-in. Protects your Node.js applications from injection attacks such …
  ☆31Updated 3 years ago
• olivo / redos-detector
  A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.
  ☆33Updated 8 years ago
• asrulhadi / wap
  OWASP WAP - Web Application Protection Project
  ☆11Updated 5 years ago
• ExpoSEJS / ExpoSE
  A Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and sup…
  ☆190Updated 4 months ago
• cs-au-dk / TAJS
  Type Analyzer for JavaScript
  ☆194Updated 4 years ago
• ajinabraham / libsast
  Generic SAST Library
  ☆125Updated this week
• zifeng-kang / ProbetheProto
  ☆27Updated 2 years ago
• HoLyVieR / prototype-pollution-nsec18
  Content released at NorthSec 2018 for my talk on prototype pollution
  ☆515Updated 5 months ago
• sola-da / Synode
  Automatically Preventing Code Injection Attacks on Node.js
  ☆78Updated 2 years ago
• tc39 / security
  Discussion area for security aspects of ECMAScript
  ☆64Updated 6 years ago
• Barro / java-afl
  Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.
  ☆88Updated 6 years ago
• wrmelicher / ChromiumTaintTracking
  ☆18Updated 5 years ago
• jagracey / RegEx-DoS
  RegEx Denial of Service (ReDos) Scanner
  ☆162Updated 7 years ago
• secure-software-engineering / secucheck
  Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…
  ☆16Updated 8 months ago
• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆29Updated 8 months ago
• enferas / TestabilityTarpits
  Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)
  ☆23Updated 9 months ago
• shhnjk / cursed_types
  List of Trusted Types bypasses
  ☆86Updated 7 months ago