VainlyStrain / charonLinks
A polyglot static analysis engine for detecting vulnerabilities in scripting languages native extensions based on joern.
☆18Updated last month
Alternatives and similar repositories for charon
Users that are interested in charon are comparing it to the libraries listed below
Sorting:
- A set of Code-ql/Joern queries to find vulnerabilities☆64Updated 4 years ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆72Updated last year
- Artifact for ICSE 2023☆49Updated 3 years ago
- ☆16Updated 2 years ago
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆90Updated 7 years ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Updated 8 months ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- ☆41Updated last year
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆181Updated last year
- ConfFuzz - Fuzzing for Interface Vulnerabilities☆46Updated 2 years ago
- ☆65Updated 3 years ago
- A small PoC for the recent RCE found in the Goahead Webserver prior to version 5.1.5.☆22Updated 4 years ago
- Collate and collect binary related materials, including papers, tools, etc. Now,there are the following categories: 1、Fuzzing☆57Updated 6 years ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆96Updated last year
- Code audit (code review) with VIM.☆17Updated 9 months ago
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities | 🏆 Best Practical Paper Award of RAID 2024☆75Updated last week
- Challenge attachments for RWCTF 3rd.☆91Updated 4 years ago
- YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, d…☆147Updated this week
- This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor…☆118Updated 6 months ago
- ☆22Updated 6 years ago
- 快速对自己项目中引入的第三方开源库进行1day patch检索,patch数据每天晚上11点更新☆20Updated 3 years ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆78Updated last year
- attachments for forum of RealWorld CTF 3rd☆42Updated 4 years ago
- COVA - A static analysis tool to compute path conditions☆37Updated 3 months ago
- Some Vulnerability in the some protocol are collected.☆105Updated last year
- ☆32Updated 2 years ago
- Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…☆75Updated last year
- Analyze IoT firmware☆17Updated 4 years ago
- A collection of resources and information about CVE-2023-2033☆19Updated 2 years ago
- ☆23Updated 3 years ago