SoheilKhodayari / JAWLinks
JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
☆107Updated 5 months ago
Alternatives and similar repositories for JAW
Users that are interested in JAW are comparing it to the libraries listed below
Sorting:
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆49Updated last year
- Testability Pattern Catalogs for SAST☆30Updated 3 months ago
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆65Updated last year
- A web browser with dynamic data-flow tracking enabled in the Javascript engine and DOM, based on Mozilla Firefox (https://github.com/mozi…☆108Updated last week
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆95Updated last year
- YuraScanner☆42Updated 3 months ago
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆74Updated 3 years ago
- A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.☆16Updated 2 months ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆153Updated last year
- CodeQL zero to hero blog post series challenges☆122Updated 5 months ago
- Grammar-based HTTP/2 fuzzer with mutation ability☆45Updated 2 years ago
- Artifact for ICSE 2023☆49Updated 2 years ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- ☆28Updated 2 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆51Updated last month
- ☆31Updated 8 months ago
- XBOW Validation Benchmarks☆92Updated last week
- A framework for identifying vulnerabilities in VS Code extensions☆18Updated 10 months ago
- XS-Leak Browser Test Suite☆81Updated last year
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆24Updated 3 years ago
- Grammar-based HTTP/1 fuzzer with mutation ability☆250Updated 7 months ago
- TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.☆14Updated 3 weeks ago
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆17Updated last year
- AutoSpear☆61Updated last year
- ☆19Updated 6 years ago
- List of Trusted Types bypasses☆93Updated last year
- ☆48Updated 2 years ago
- A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications☆63Updated 4 years ago
- Same Origin XSS challenge☆61Updated 3 years ago
- Modular static malicious JavaScript detection system☆70Updated 4 years ago