antgroup / YASA-EngineLinks
YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, designed to support multiple programming languages. Built on top of UAST, YASA provides a highly accurate static analysis framework.
☆147Updated this week
Alternatives and similar repositories for YASA-Engine
Users that are interested in YASA-Engine are comparing it to the libraries listed below
Sorting:
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆181Updated last year
- Artifact for ICSE 2023☆49Updated 3 years ago
- This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor…☆118Updated 6 months ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆72Updated last year
- ☆25Updated 3 years ago
- CodeQL zero to hero blog post series challenges☆147Updated 3 weeks ago
- ☆29Updated 3 years ago
- Grammar-based HTTP/2 fuzzer with mutation ability☆47Updated 3 years ago
- ☆27Updated last year
- ☆21Updated last month
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Updated 8 months ago
- A neurosymbolic framework for vulnerability detection in code☆247Updated 3 weeks ago
- Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation☆14Updated 3 months ago
- ☆16Updated 2 years ago
- A set of Code-ql/Joern queries to find vulnerabilities☆64Updated 4 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- Testability Pattern Catalogs for SAST☆31Updated 8 months ago
- a dataflow analysis framework implemented in Go, like soot☆36Updated 3 years ago
- Taint analysis implementation based on Heros and Soot☆45Updated last year
- Witcher is the first framework for using AFL to fuzz web applications.☆100Updated last year
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆96Updated last year
- [NDSS 2024] ReqsMiner is an innovative fuzzing framework developed to discover previously unexamined inconsistencies in CDN forwarding re…☆23Updated last year
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities | 🏆 Best Practical Paper Award of RAID 2024☆75Updated last week
- A benchmark for Java gadget chain detecting algorithms.☆12Updated 4 months ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆78Updated last year
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆157Updated last year
- ☆29Updated 5 months ago
- A grey-box web application Fuzzer☆23Updated last year
- ☆43Updated 2 years ago
- Some test samples for CPG execution logic.☆20Updated last year