Alternatives and similar repositories for YASA-Engine

Users that are interested in YASA-Engine are comparing it to the libraries listed below

• JordyZomer / codeql-mcp
  This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor…
  ☆124Updated 8 months ago
• fullwaywang / QlRules
  Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.
  ☆184Updated last year
• GCMiner / GCMiner
  Artifact for ICSE 2023
  ☆50Updated 3 years ago
• mo-xiaoxi / HDiff
  ☆27Updated 3 years ago
• SpringJasmine / Jasmine
  ☆30Updated 3 years ago
• CISPA-SysSec / atropos-legacy
  Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities
  ☆73Updated last year
• antgroup / YASA-UAST
  YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…
  ☆62Updated this week
• cokeBeer / goot
  a dataflow analysis framework implemented in Go, like soot
  ☆38Updated 3 years ago
• Anemone95 / taint-benchmark
  A benchmark to evaluate taint analysis
  ☆28Updated 3 years ago
• soot-oss / TaintAnalysis
  Taint analysis implementation based on Heros and Soot
  ☆45Updated last year
• seclab-fudan / RecurScan
  ☆27Updated last year
• ASTTeam / Semgrep
  《深入理解Semgrep》Finding vulnerabilities with Semgrep.
  ☆58Updated 2 years ago
• iris-sast / iris
  A neurosymbolic framework for vulnerability detection in code
  ☆289Updated 3 weeks ago
• LFYSec / AgentFuzz
  The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents
  ☆39Updated 3 months ago
• seclab-fudan / TEFuzz
  ☆16Updated 2 years ago
• HaHarden / CPGPractise
  Some test samples for CPG execution logic.
  ☆20Updated last year
• Feysh-Group / corax-community
  Corax for Java: A general static analysis framework for java code checking.
  ☆253Updated last year
• sfncat / mcp-joern
  A simple Joern MCP Server.
  ☆30Updated last month
• yetingli / ReDoSHunter
  ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection
  ☆80Updated 3 years ago
• OSUSecLab / TaintMini
  Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
  ☆83Updated last year
• ovanr / webFuzz
  A grey-box web application Fuzzer
  ☆23Updated last year
• alibaba / sec-code-bench
  SecCodeBench is a benchmark suite focusing on evaluating the security of code generated by large language models (LLMs).
  ☆83Updated 2 months ago
• h2-stack / LL-RASP
  Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
  ☆69Updated 2 months ago
• secure-software-engineering / secucheck
  Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…
  ☆18Updated 10 months ago
• GitHubSecurityLab / codeql-zero-to-hero
  CodeQL zero to hero blog post series challenges
  ☆160Updated 2 months ago
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆74Updated last year
• bytedance / PatchEval
  PatchEval: A New Benchmark for Evaluating LLMs on Patching Real-World Vulnerabilities
  ☆176Updated last month
• u21h2 / AutoSpear
  AutoSpear
  ☆70Updated last year
• AlexAltea / codeql-python
  Python bindings for CodeQL CLI
  ☆54Updated 4 years ago
• Marcono1234 / codeql-java-queries
  Personal CodeQL queries
  ☆63Updated last week