Alternatives and similar repositories for YASA-Engine

Users that are interested in YASA-Engine are comparing it to the libraries listed below

• JordyZomer / codeql-mcp
  This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor…
  ☆130Updated 10 months ago
• fullwaywang / QlRules
  Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.
  ☆184Updated last year
• GCMiner / GCMiner
  Artifact for ICSE 2023
  ☆50Updated 3 years ago
• SpringJasmine / Jasmine
  ☆30Updated 3 years ago
• cokeBeer / goot
  a dataflow analysis framework implemented in Go, like soot
  ☆39Updated 3 years ago
• soot-oss / TaintAnalysis
  Taint analysis implementation based on Heros and Soot
  ☆45Updated last year
• mo-xiaoxi / HDiff
  ☆27Updated 3 years ago
• CISPA-SysSec / atropos-legacy
  Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities
  ☆75Updated last year
• seclab-fudan / RecurScan
  ☆27Updated last year
• antgroup / YASA-UAST
  YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…
  ☆66Updated 3 weeks ago
• HaHarden / CPGPractise
  Some test samples for CPG execution logic.
  ☆20Updated last year
• GitHubSecurityLab / codeql-zero-to-hero
  CodeQL zero to hero blog post series challenges
  ☆163Updated 4 months ago
• ASTTeam / Semgrep
  《深入理解Semgrep》Finding vulnerabilities with Semgrep.
  ☆58Updated 2 years ago
• OSUSecLab / TaintMini
  Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
  ☆82Updated last year
• LFYSec / AgentFuzz
  The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents
  ☆50Updated 4 months ago
• iris-sast / iris
  A neurosymbolic framework for vulnerability detection in code
  ☆320Updated 2 months ago
• bytedance / PatchEval
  PatchEval: A New Benchmark for Evaluating LLMs on Patching Real-World Vulnerabilities
  ☆184Updated last month
• Feysh-Group / corax-community
  Corax for Java: A general static analysis framework for java code checking.
  ☆254Updated last year
• sfncat / mcp-joern
  A simple Joern MCP Server.
  ☆34Updated 2 months ago
• seclab-fudan / TEFuzz
  ☆16Updated 2 years ago
• yetingli / ReDoSHunter
  ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection
  ☆81Updated 3 years ago
• alibaba / sec-code-bench
  SecCodeBench is a benchmark suite focusing on evaluating the security of code generated by large language models (LLMs).
  ☆86Updated this week
• ovanr / webFuzz
  A grey-box web application Fuzzer
  ☆25Updated last year
• Anemone95 / taint-benchmark
  A benchmark to evaluate taint analysis
  ☆28Updated 3 years ago
• h2-stack / LL-RASP
  Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
  ☆69Updated 3 months ago
• fdu-sec / NestFuzz
  A structure-aware grey box fuzzer based on modeling the input processing logic.
  ☆173Updated last year
• fdu-sec / JDD
  ☆203Updated 3 months ago
• NUS-Curiosity / KernJC
  KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities | 🏆 Best Practical Paper Award of RAID 2024
  ☆80Updated 3 months ago
• cuhk-seclab / TChecker
  ☆42Updated 3 years ago
• elManto / StaticAnalysisQueries
  A set of Code-ql/Joern queries to find vulnerabilities
  ☆67Updated 4 years ago