JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
☆118Feb 13, 2026Updated 3 months ago
Alternatives and similar repositories for JAW
Users that are interested in JAW are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆57Oct 25, 2023Updated 2 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆62Dec 18, 2025Updated 5 months ago
- A web browser with dynamic data-flow tracking enabled in the Javascript engine and DOM, based on Mozilla Firefox (https://github.com/mozi…☆172May 19, 2026Updated 2 weeks ago
- Testability Pattern Catalogs for SAST☆35Feb 18, 2025Updated last year
- YuraScanner☆81Feb 13, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆31May 1, 2025Updated last year
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆25Dec 10, 2025Updated 5 months ago
- TP-Framework: Testability Pattern Framework for SAST☆16May 10, 2024Updated 2 years ago
- Artifacts of the paper "Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content" in USENIX…☆18Aug 9, 2024Updated last year
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆25Nov 30, 2021Updated 4 years ago
- Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale☆18May 17, 2021Updated 5 years ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆81Mar 19, 2024Updated 2 years ago
- A blazing fast and fully configurable Blind SQL Injection optimization and automation framework.☆141Jun 7, 2025Updated last year
- A framework for the detection of COSI vulnerabilities / XS-Leaks☆14Mar 29, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Android webviews and securiy☆25Sep 18, 2025Updated 8 months ago
- Discovered Data and Source Code☆10May 5, 2025Updated last year
- SWAT, a dynamic symbolic execution engine for Java Applications that uses ASM for on-the-fly byte code instrumentation.☆46May 27, 2026Updated last week
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆75Jan 21, 2024Updated 2 years ago
- 🐛 A list of writeups from the MSRC (Microsoft) Bug Bounty program☆35Oct 29, 2025Updated 7 months ago
- Instrumentation framework for Node.js compliant to ECMAScript 2020 based on GraalVM.☆60Jan 18, 2025Updated last year
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆168Jan 29, 2024Updated 2 years ago
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- burp suite插件☆14Jul 9, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆92Jun 21, 2024Updated last year
- Caido plugin for jxscout☆15May 31, 2026Updated last week
- WALA analyses and tools that are implemented in JavaScript☆81Oct 25, 2016Updated 9 years ago
- Searcher for cross-site leaks (XS-Leaks)☆83Dec 27, 2022Updated 3 years ago
- retrieve comprehensive information about a website, including its title, last modified date, DNS information, subdomains, firewall names,…☆17Mar 24, 2024Updated 2 years ago
- Vision Transformer-Inspired Automated Vulnerability Repair☆19May 13, 2025Updated last year
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Jan 30, 2025Updated last year
- Stats about HTTP response security headers usage mentioned by the OSHP.☆16Jan 25, 2026Updated 4 months ago
- Capture and replay execution traces of client-side web applications☆28May 31, 2013Updated 13 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆29Feb 26, 2022Updated 4 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆91Feb 3, 2024Updated 2 years ago
- A fuzzer setup to fuzz libc functions.☆16Aug 30, 2022Updated 3 years ago
- How effective are LLMs in identifying and exploiting security vulnerabilities?☆71Feb 28, 2025Updated last year
- Statistics of acceptance rate for the top conferences: Oakland, CCS, USENIX Security, NDSS.☆222Oct 18, 2025Updated 7 months ago
- 基于JavaFX框架做的一款安卓漏洞分析桌面软件,采用了反编译技术与静态分析技术,上传apk包即可分析APP可能包含的风险。☆14Nov 23, 2022Updated 3 years ago
- ☆18Sep 4, 2023Updated 2 years ago