ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.
☆165 Jan 29, 2024 Updated 2 years ago
Alternatives and similar repositories for ODGen
Users that are interested in ODGen are comparing it to the libraries listed below
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript… ☆26 Nov 30, 2021 Updated 4 years ago
- ☆32 May 1, 2025 Updated 10 months ago
- Modular static malicious JavaScript detection system ☆75 Jan 18, 2021 Updated 5 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022) ☆27 Feb 14, 2024 Updated 2 years ago
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js ☆75 Jan 21, 2024 Updated 2 years ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages ☆136 Oct 5, 2022 Updated 3 years ago
- Artifacts of the paper "Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content" in USENIX… ☆17 Aug 9, 2024 Updated last year
- ☆30 Nov 29, 2021 Updated 4 years ago
- ☆37 Oct 4, 2024 Updated last year
- A set of Code-ql/Joern queries to find vulnerabilities ☆67 May 22, 2021 Updated 4 years ago
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,… ☆21 Mar 7, 2025 Updated 11 months ago
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil… ☆22 Dec 10, 2025 Updated 2 months ago
- Academic papers and articles that I read related to web hacking, fuzzing, etc. / Papers and reading notes on web security and fuzzing that I have read ☆380 Jan 26, 2024 Updated 2 years ago
- Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.… ☆2,959 Updated this week
- A Node.js vulnerability finding tool. ☆96 Aug 7, 2025 Updated 6 months ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities ☆98 Nov 27, 2023 Updated 2 years ago
- A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs) ☆96 Jan 20, 2025 Updated last year
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript ☆117 Feb 13, 2026 Updated 2 weeks ago
- a project repository for a paper ☆20 May 4, 2024 Updated last year
- A Security Operation Tool Based on Large Language Models ☆23 Mar 20, 2024 Updated last year
- Precise and high-order static points-to/taint analysis based on LLVM IR. ☆90 Sep 18, 2025 Updated 5 months ago
- ☆47 May 27, 2023 Updated 2 years ago
- Query-Based Code Analysis Engine ☆349 Sep 21, 2025 Updated 5 months ago
- log4j-patch: a patch defense implemented by modifying bytecode ☆20 Dec 10, 2021 Updated 4 years ago
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL ☆345 Jan 6, 2024 Updated 2 years ago
- Getting started with static program analysis. An introductory tutorial on static program analysis. ☆1,766 Mar 20, 2024 Updated last year
- Vulnerability environments for historical Struts2 versions ☆84 Jan 20, 2017 Updated 9 years ago
- Tai-e assignments for static program analysis ☆1,219 Aug 28, 2025 Updated 6 months ago
- Java web route memory analysis tool ☆437 May 22, 2025 Updated 9 months ago
- A tool derived from cve-2022-34169 that automatically generates JDK Xalan payloads, producing the corresponding XSLT file for each JDK ☆93 Jan 17, 2023 Updated 3 years ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants. ☆185 Sep 19, 2024 Updated last year
- An easy-to-learn/use static analysis framework for Java ☆1,765 Feb 16, 2026 Updated 2 weeks ago
- JavaScript Transformation Techniques Detection ☆11 Jun 14, 2021 Updated 4 years ago
- ☆10 Sep 10, 2022 Updated 3 years ago
- "Understanding CodeQL in Depth": Finding vulnerabilities with CodeQL. ☆1,757 Nov 21, 2023 Updated 2 years ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages" ☆47 Jan 25, 2022 Updated 4 years ago
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale ☆80 Nov 23, 2021 Updated 4 years ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis ☆82 Mar 19, 2024 Updated last year
- ☆239 Jan 14, 2024 Updated 2 years ago