Song-Li / ObjLupAnsys
ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript.
☆22Updated 2 years ago
Related projects: ⓘ
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆87Updated 9 months ago
- ☆23Updated 7 months ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆22Updated 7 months ago
- ☆36Updated last year
- Collate and collect binary related materials, including papers, tools, etc. Now,there are the following categories: 1、Fuzzing☆56Updated 5 years ago
- A set of Code-ql/Joern queries to find vulnerabilities☆53Updated 3 years ago
- ☆20Updated 7 months ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆146Updated this week
- ☆25Updated 2 years ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆43Updated last month
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities (RAID 2024)☆22Updated last week
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆72Updated 6 months ago
- ☆28Updated this week
- ☆20Updated 2 years ago
- ☆69Updated last year
- ☆40Updated last year
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆146Updated 7 months ago
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆109Updated 3 years ago
- Taint analysis implementation based on Heros and Soot☆39Updated 4 months ago
- Precision-guided context sensitivity for pointer analysis☆58Updated last year
- 模糊测试种子库 comprehensive croups for fuzzing seeds with carfefully selected(rate=coverage/filesize)☆20Updated 3 years ago
- Personal CodeQL queries☆58Updated this week
- A GPT-Based Fuzz Driver Generator☆44Updated 10 months ago
- A benchmark to evaluate taint analysis☆30Updated 2 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆33Updated 4 years ago
- Testability Pattern Catalogs for SAST☆29Updated 6 months ago
- 更好的包装pwntools,提高编写pwn题exp效率的工具☆26Updated 3 years ago
- Artifact for ICSE 2023☆44Updated last year
- Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning☆21Updated 2 years ago
- ☆22Updated 2 years ago