Alternatives and similar repositories for YASA-Engine

Users that are interested in YASA-Engine are comparing it to the libraries listed below

• JordyZomer / codeql-mcp
  This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor…
  ☆126Updated 9 months ago
• fullwaywang / QlRules
  Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.
  ☆184Updated last year
• GCMiner / GCMiner
  Artifact for ICSE 2023
  ☆50Updated 3 years ago
• SpringJasmine / Jasmine
  ☆30Updated 3 years ago
• mo-xiaoxi / HDiff
  ☆27Updated 3 years ago
• antgroup / YASA-UAST
  YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…
  ☆64Updated this week
• seclab-fudan / RecurScan
  ☆27Updated last year
• soot-oss / TaintAnalysis
  Taint analysis implementation based on Heros and Soot
  ☆45Updated last year
• yetingli / ReDoSHunter
  ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection
  ☆81Updated 3 years ago
• iris-sast / iris
  A neurosymbolic framework for vulnerability detection in code
  ☆306Updated last month
• alibaba / sec-code-bench
  SecCodeBench is a benchmark suite focusing on evaluating the security of code generated by large language models (LLMs).
  ☆86Updated 3 months ago
• cokeBeer / goot
  a dataflow analysis framework implemented in Go, like soot
  ☆39Updated 3 years ago
• CISPA-SysSec / atropos-legacy
  Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities
  ☆74Updated last year
• Feysh-Group / corax-community
  Corax for Java: A general static analysis framework for java code checking.
  ☆254Updated last year
• ASTTeam / Semgrep
  《深入理解Semgrep》Finding vulnerabilities with Semgrep.
  ☆58Updated 2 years ago
• GitHubSecurityLab / codeql-zero-to-hero
  CodeQL zero to hero blog post series challenges
  ☆163Updated 3 months ago
• HaHarden / CPGPractise
  Some test samples for CPG execution logic.
  ☆20Updated last year
• Lekssays / codebadger
  A containerized Model Context Protocol (MCP) server providing static code analysis using Joern's Code Property Graph (CPG) with support f…
  ☆36Updated last month
• sfncat / mcp-joern
  A simple Joern MCP Server.
  ☆33Updated 2 months ago
• fdu-sec / JDD
  ☆199Updated 2 months ago
• Anemone95 / taint-benchmark
  A benchmark to evaluate taint analysis
  ☆28Updated 3 years ago
• cuhk-seclab / TChecker
  ☆41Updated 2 years ago
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆74Updated last year
• LFYSec / AgentFuzz
  The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents
  ☆44Updated 4 months ago
• BytecodeDL / ByteCodeDL
  A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
  ☆342Updated 2 years ago
• bytedance / PatchEval
  PatchEval: A New Benchmark for Evaluating LLMs on Patching Real-World Vulnerabilities
  ☆180Updated 3 weeks ago
• xywang18 / Rengar
  Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation
  ☆14Updated 5 months ago
• OSUSecLab / TaintMini
  Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
  ☆82Updated last year
• malteskoruppa / phpjoern
  Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.
  ☆37Updated 5 years ago
• antgroup / MCPScan
  ☆201Updated last month