Privado-Inc / privado-core
The heart & core of Privado code scanner
☆26Updated last week
Related projects: ⓘ
- The Cloud Property Graph is based on a Code Property Graph and tries to connect static code analysis and Cloud runtime assessment.☆22Updated last month
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆69Updated this week
- Home page of project "KB"☆111Updated 2 weeks ago
- ShiftLeft OverflowDB☆112Updated 2 months ago
- Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…☆70Updated this week
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆138Updated 6 months ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆86Updated this week
- CogniCrypt_SAST: CrySL-to-Static Analysis Compiler☆63Updated this week
- A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.☆277Updated this week
- Analyse package dependency networks at the call graph level☆90Updated 9 months ago
- CodeQL Security Queries☆19Updated last week
- Evaluation Framework for Dependency Analysis (EFDA)☆40Updated 2 years ago
- Security methods for WeAkNess detection☆19Updated this week
- A collection of test cases in the Java language. It contains examples for 112 different CWEs.☆50Updated 3 years ago
- Interface to initiate code scan with Privado to identify data flows and privacy issues☆17Updated 6 months ago
- Externalize Java application access to protected resources as log messages.☆41Updated 4 months ago
- TamiFlex facilitates static analysis of programs that use reflection and custom class loaders☆42Updated 3 years ago
- Code Property Graph: specification, query language, and utilities☆456Updated this week
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆63Updated 2 years ago
- JoanAudit - A security slicing tool that helps security auditors to perform their security auditing tasks more efficiently☆11Updated 7 years ago
- ☆28Updated last year
- Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Dat…☆502Updated last week
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆64Updated 6 months ago
- ☆50Updated this week
- CodeQL queries developed by Trail of Bits☆72Updated 3 weeks ago
- The official repo of Doop, the declarative pointer analysis framework.☆159Updated last week
- OSS-Fuzz vulnerabilities for OSV.☆129Updated this week
- SARIF Microsoft Visual Studio Code extension☆110Updated this week
- A dataset of software supply chain compromises. Please help us maintain it!☆126Updated 2 years ago
- 🪐 A Database of Existing Security Vulnerabilities Patches to Enable Evaluation of Techniques (single-commit; multi-language)☆33Updated last year