JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
☆119Feb 13, 2026Updated last month
Alternatives and similar repositories for JAW
Users that are interested in JAW are comparing it to the libraries listed below
Sorting:
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆57Oct 25, 2023Updated 2 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆61Dec 18, 2025Updated 3 months ago
- A web browser with dynamic data-flow tracking enabled in the Javascript engine and DOM, based on Mozilla Firefox (https://github.com/mozi…☆164Feb 25, 2026Updated 3 weeks ago
- Testability Pattern Catalogs for SAST☆34Feb 18, 2025Updated last year
- YuraScanner☆73Feb 13, 2025Updated last year
- ☆32May 1, 2025Updated 10 months ago
- MiniTracker: Large-Scale Sensitive Information Tracking in Mini Apps.☆31Dec 2, 2024Updated last year
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆26Nov 30, 2021Updated 4 years ago
- Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale☆18May 17, 2021Updated 4 years ago
- A blazing fast and fully configurable Blind SQL Injection optimization and automation framework.☆142Jun 7, 2025Updated 9 months ago
- A framework for the detection of COSI vulnerabilities / XS-Leaks☆14Mar 29, 2023Updated 2 years ago
- 🐛 A list of writeups from the MSRC (Microsoft) Bug Bounty program☆31Oct 29, 2025Updated 4 months ago
- SWAT, a dynamic symbolic execution engine for Java Applications that uses ASM for on-the-fly byte code instrumentation.☆40Apr 30, 2025Updated 10 months ago
- Discovered Data and Source Code☆10May 5, 2025Updated 10 months ago
- Android webviews and securiy☆23Sep 18, 2025Updated 6 months ago
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆75Jan 21, 2024Updated 2 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆165Jan 29, 2024Updated 2 years ago
- Mini-program Cross Page Request Forgery (MiniCPRF) Analysis Tool.☆18Oct 30, 2024Updated last year
- burp suite插件☆13Jul 9, 2023Updated 2 years ago
- ☆92Jun 21, 2024Updated last year
- Webcrawler to collect cookie data and usage purposes, built using OpenWPM.☆13Jun 3, 2023Updated 2 years ago
- Searcher for cross-site leaks (XS-Leaks)☆81Dec 27, 2022Updated 3 years ago
- retrieve comprehensive information about a website, including its title, last modified date, DNS information, subdomains, firewall names,…☆16Mar 24, 2024Updated last year
- Vision Transformer-Inspired Automated Vulnerability Repair☆19May 13, 2025Updated 10 months ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Jan 30, 2025Updated last year
- ☆56Aug 26, 2021Updated 4 years ago
- Stats about HTTP response security headers usage mentioned by the OSHP.☆17Jan 25, 2026Updated last month
- Capture and replay execution traces of client-side web applications☆28May 31, 2013Updated 12 years ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆90Feb 3, 2024Updated 2 years ago
- A fuzzer setup to fuzz libc functions.☆16Aug 30, 2022Updated 3 years ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆162Feb 11, 2026Updated last month
- ☆17Sep 4, 2023Updated 2 years ago
- 基于JavaFX框架做的一款安卓漏洞分析桌面软件,采用了反编译技术与静态分析技术,上传apk包即可分析APP可能包含的风险。☆14Nov 23, 2022Updated 3 years ago
- ☆38Oct 4, 2024Updated last year
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆57Dec 29, 2024Updated last year
- JSFlow is a security-enhanced JavaScript interpreter for fine-grained tracking of information flow.☆15May 28, 2021Updated 4 years ago
- some fun php exploits☆82Nov 12, 2024Updated last year
- RattaGATTa: Scalable Bluetooth Low-Energy Survey Using a pool of collectors to scan and connect to BTLE devices, shedding light on the in…☆46Jan 20, 2025Updated last year
- Progress OpenEdge Authentication Bypass☆16Mar 6, 2024Updated 2 years ago