Song-Li / ObjLupAnsys
ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript.
☆22Updated 3 years ago
Alternatives and similar repositories for ObjLupAnsys:
Users that are interested in ObjLupAnsys are comparing it to the libraries listed below
- A set of Code-ql/Joern queries to find vulnerabilities☆58Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆152Updated last year
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- ☆27Updated 2 years ago
- ☆37Updated 2 years ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆74Updated 11 months ago
- Precision-guided context sensitivity for pointer analysis☆60Updated last year
- ☆26Updated last year
- ☆24Updated 2 years ago
- ☆24Updated last year
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆35Updated 4 years ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆17Updated last month
- Taint analysis implementation based on Heros and Soot☆44Updated 10 months ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆165Updated 5 months ago
- Collate and collect binary related materials, including papers, tools, etc. Now,there are the following categories: 1、Fuzzing☆56Updated 5 years ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆95Updated last year
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities (Best Practical Paper Award of RAID 2024)☆47Updated last month
- ☆15Updated 2 years ago
- Some test samples for CPG execution logic.☆21Updated 11 months ago
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆66Updated 3 months ago
- oh my soot !☆89Updated 2 years ago
- ☆11Updated 6 years ago
- Assisting Static Analysis with Large Language Models: A ChatGPT Experiment☆34Updated last year
- Testability Pattern Catalogs for SAST☆29Updated 3 weeks ago
- ☆46Updated last year
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆64Updated 6 months ago
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆113Updated 3 years ago
- HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs☆41Updated 2 years ago
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆90Updated 6 years ago