Song-Li / ObjLupAnsys
ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript.
☆23Updated 3 years ago
Alternatives and similar repositories for ObjLupAnsys:
Users that are interested in ObjLupAnsys are comparing it to the libraries listed below
- A set of Code-ql/Joern queries to find vulnerabilities☆58Updated 3 years ago
- ☆26Updated last year
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- Collate and collect binary related materials, including papers, tools, etc. Now,there are the following categories: 1、Fuzzing☆56Updated 5 years ago
- ☆37Updated 2 years ago
- ☆24Updated last year
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆74Updated last year
- ☆15Updated 3 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆35Updated 4 years ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆95Updated last year
- Precision-guided context sensitivity for pointer analysis☆60Updated last year
- ☆24Updated 2 years ago
- ☆28Updated 2 years ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆165Updated 6 months ago
- ☆10Updated last year
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆153Updated last year
- ☆46Updated last year
- Some test samples for CPG execution logic.☆21Updated 11 months ago
- A benchmark to evaluate taint analysis☆30Updated 2 years ago
- Assisting Static Analysis with Large Language Models: A ChatGPT Experiment☆34Updated last year
- 模糊测试种子库 comprehensive croups for fuzzing seeds with carfefully selected(rate=coverage/filesize)☆22Updated 3 years ago
- A static analysis tool for Java programs, based on the theory of code property graphs.☆18Updated last year
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities (Best Practical Paper Award of RAID 2024)☆51Updated 2 months ago
- DiAne is a smart fuzzer for IoT devices☆39Updated 11 months ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆17Updated last month
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆65Updated 7 months ago
- Works about detecting vulnerable using ML.☆83Updated 4 years ago
- Hey folks, this is a repository for papers on LLM for Vuln. Detection area☆35Updated last month
- ☆24Updated 2 years ago
- A search-based Android static analysis tool with much better performance than Amandroid and FlowDroid☆48Updated 3 years ago