YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, designed to support multiple programming languages. Built on top of UAST, YASA provides a highly accurate static analysis framework.
☆272May 7, 2026Updated 2 weeks ago
Alternatives and similar repositories for YASA-Engine
Users that are interested in YASA-Engine are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆82Apr 27, 2026Updated 3 weeks ago
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆474Apr 14, 2026Updated last month
- A polyglot static analysis engine for detecting vulnerabilities in scripting languages native extensions based on joern.☆21Sep 1, 2025Updated 8 months ago
- Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)☆16Oct 3, 2024Updated last year
- JavaRce complements project - use RASP to prevent vulnerabilities☆24Apr 22, 2024Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- The next-generation AI Agent framework driven by Intent Engineering. Move beyond turn-based Function Calling to embrace code-level intent…☆87Jan 11, 2026Updated 4 months ago
- A benchmark for Java gadget chain detecting algorithms.☆16Jun 20, 2025Updated 11 months ago
- Parsing-based Analyzer☆75Jun 8, 2025Updated 11 months ago
- Lessons for syntaxflow zero to hero☆56Sep 14, 2024Updated last year
- [SOSP'25] Automatic checker synthesis for system-level static analysis☆178Oct 26, 2025Updated 6 months ago
- AIxCC: automated vulnerability repair via LLMs, search, and static analysis☆13Jul 16, 2024Updated last year
- 《深入JDBC安全:特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…☆586Feb 7, 2026Updated 3 months ago
- ☆18Apr 7, 2023Updated 3 years ago
- ☆209Oct 27, 2025Updated 6 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆45Jan 30, 2023Updated 3 years ago
- IDA Hexrays To Joern☆45Nov 7, 2024Updated last year
- Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation☆15Jul 24, 2025Updated 9 months ago
- A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs)☆103Jan 20, 2025Updated last year
- A neurosymbolic framework for vulnerability detection in code☆376Apr 19, 2026Updated last month
- simpleIAST- 基于污点追踪的灰盒漏洞扫描工具。☆101Mar 24, 2026Updated last month
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆75Aug 15, 2024Updated last year
- 基于msf的后渗透协作平台 -- 前端部分☆20Apr 3, 2024Updated 2 years ago
- ☆31May 1, 2025Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- The source code of project "LLift" (Enhancing static analysis with LLM)☆87Mar 5, 2024Updated 2 years ago
- ☆29May 12, 2026Updated last week
- 无需文件落地Agent内存马生成器☆250May 30, 2024Updated last year
- A continuously updated collection of papers on agentic SE maintained by PurCL group @ Purdue☆628Apr 23, 2026Updated 3 weeks ago
- Source-level code analysis toolkit for SAST, context engineering, and AI coding☆30Updated this week
- The source code of [S&P'25] Detecting Taint-Style Vulnerabilities in Microservice-Structured Web Applications.☆70Nov 20, 2025Updated 6 months ago
- 《深入理解CodeQL》Finding vulnerabilities with CodeQL.☆1,767Nov 21, 2023Updated 2 years ago
- Query-Based Code Analysis Engine☆354Sep 21, 2025Updated 8 months ago
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆341Jan 6, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Extract entire function source code based on giving line number using Javaparser☆21Jul 15, 2025Updated 10 months ago
- ☆11Apr 21, 2026Updated last month
- 🥇 Amazon Nova AI Challenge Winner - ASTRA emerged victorious as the top attacking team in Amazon's global AI safety competition, defeati…☆71May 11, 2026Updated last week
- A vul-finder for loading CPG and automated finding vul-call-chains☆71Jul 22, 2025Updated 9 months ago
- The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents☆81Apr 13, 2026Updated last month
- study_summary☆10Aug 8, 2022Updated 3 years ago
- 之前方便自己研究RASP原理和绕过时顺手写的,用于快速启动和重置RASP环境☆72Oct 13, 2024Updated last year