alibaba / sec-code-benchLinks
SecCodeBench is a benchmark suite focusing on evaluating the security of code generated by large language models (LLMs).
☆71Updated last week
Alternatives and similar repositories for sec-code-bench
Users that are interested in sec-code-bench are comparing it to the libraries listed below
Sorting:
- ☆27Updated last year
- Corax for Java: A general static analysis framework for java code checking.☆254Updated 10 months ago
- ☆42Updated 2 years ago
- Some test samples for CPG execution logic.☆20Updated last year
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆180Updated last year
- ☆161Updated last month
- ☆29Updated 3 years ago
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆342Updated last year
- 静态分析笔记 Static-Analysis-Notes 程序分析笔记 资源分享☆185Updated 2 years ago
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆423Updated 3 weeks ago
- YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, d…☆105Updated last week
- 本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。☆142Updated last year
- 《深入理解SAST静态应用安全测试》Static Application Security Testing.☆356Updated this week
- 静态分析及代码审计自动化相关资料收集☆296Updated 3 years ago
- 一个搜索网络安全领域顶会论文的小工具☆91Updated 2 months ago
- Awesome Large Language Models for Vulnerability Detection☆263Updated this week
- ☆35Updated 7 months ago
- Taint analysis implementation based on Heros and Soot☆45Updated last year
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆45Updated last week
- oh my soot !☆92Updated 3 years ago
- ☆25Updated 3 years ago
- ☆187Updated last week
- A benchmark to evaluate taint analysis☆29Updated 3 years ago
- A structure-aware grey box fuzzer based on modeling the input processing logic.☆171Updated 11 months ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆72Updated last year
- ☆14Updated 2 years ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆78Updated last year
- 《深入理解Semgrep》Finding vulnerabilities with Semgrep.☆55Updated 2 years ago
- Precision-guided context sensitivity for pointer analysis☆61Updated 2 years ago
- ☆104Updated last year