YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, designed to support multiple programming languages. Built on top of UAST, YASA provides a highly accurate static analysis framework.
☆260Apr 1, 2026Updated last week
Alternatives and similar repositories for YASA-Engine
Users that are interested in YASA-Engine are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆75Apr 3, 2026Updated last week
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆468Jan 15, 2026Updated 2 months ago
- Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)☆15Oct 3, 2024Updated last year
- JavaRce complements project - use RASP to prevent vulnerabilities☆24Apr 22, 2024Updated last year
- The next-generation AI Agent framework driven by Intent Engineering. Move beyond turn-based Function Calling to embrace code-level intent…☆79Jan 11, 2026Updated 3 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A benchmark for Java gadget chain detecting algorithms.☆15Jun 20, 2025Updated 9 months ago
- A polyglot static analysis engine for detecting vulnerabilities in scripting languages native extensions based on joern.☆20Sep 1, 2025Updated 7 months ago
- Parsing-based Analyzer☆75Jun 8, 2025Updated 10 months ago
- Lessons for syntaxflow zero to hero☆56Sep 14, 2024Updated last year
- AIxCC: automated vulnerability repair via LLMs, search, and static analysis☆12Jul 16, 2024Updated last year
- ☆18Apr 7, 2023Updated 3 years ago
- Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack☆36Aug 27, 2025Updated 7 months ago
- ☆207Oct 27, 2025Updated 5 months ago
- ☆44Jan 30, 2023Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- IDA Hexrays To Joern☆46Nov 7, 2024Updated last year
- Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation☆15Jul 24, 2025Updated 8 months ago
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆575Feb 7, 2026Updated 2 months ago
- simpleIAST- 基于污点追踪的灰盒漏洞扫描工具。☆101Mar 24, 2026Updated 2 weeks ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆75Aug 15, 2024Updated last year
- 基于msf的后渗透协作平台 -- 前端部分☆20Apr 3, 2024Updated 2 years ago
- The source code of [S&P'25] Detecting Taint-Style Vulnerabilities in Microservice-Structured Web Applications.☆66Nov 20, 2025Updated 4 months ago
- [SOSP'25] Automatic checker synthesis for system-level static analysis☆172Oct 26, 2025Updated 5 months ago
- ☆32May 1, 2025Updated 11 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- The source code of project "LLift" (Enhancing static analysis with LLM)☆86Mar 5, 2024Updated 2 years ago
- Source-level code analysis toolkit for SAST, context engineering, and AI coding☆30Mar 31, 2026Updated last week
- 《深入理解CodeQL》Finding vulnerabilities with CodeQL.☆1,765Nov 21, 2023Updated 2 years ago
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆345Jan 6, 2024Updated 2 years ago
- Query-Based Code Analysis Engine☆353Sep 21, 2025Updated 6 months ago
- ☆11Sep 6, 2024Updated last year
- Extract entire function source code based on giving line number using Javaparser☆21Jul 15, 2025Updated 8 months ago
- idea插件,快速生成反序列化中常用的方法,比如setFieldValue、createTemplatesImpl等☆29Oct 2, 2024Updated last year
- A vul-finder for loading CPG and automated finding vul-call-chains☆72Jul 22, 2025Updated 8 months ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents☆67Sep 9, 2025Updated 7 months ago
- study_summary☆10Aug 8, 2022Updated 3 years ago
- 之前方便自己研究RASP原理和绕过时顺手写的,用于快速启动和重置RASP环境☆71Oct 13, 2024Updated last year
- A continuously updated collection of CodeLLM papers maintained by PurCL group @ Purdue☆617Jan 14, 2026Updated 2 months ago
- ☆23Apr 6, 2019Updated 7 years ago
- A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs)☆98Jan 20, 2025Updated last year
- 无需文件落地Agent内存马生成器☆249May 30, 2024Updated last year