antgroup / YASA-EngineLinks
YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, designed to support multiple programming languages. Built on top of UAST, YASA provides a highly accurate static analysis framework.
☆120Updated last week
Alternatives and similar repositories for YASA-Engine
Users that are interested in YASA-Engine are comparing it to the libraries listed below
Sorting:
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆180Updated last year
- This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor…☆116Updated 6 months ago
- ☆25Updated 3 years ago
- Artifact for ICSE 2023☆49Updated 3 years ago
- ☆29Updated 3 years ago
- a dataflow analysis framework implemented in Go, like soot☆36Updated 3 years ago
- 《深入理解Semgrep》Finding vulnerabilities with Semgrep.☆55Updated 2 years ago
- ☆27Updated last year
- CodeQL zero to hero blog post series challenges☆141Updated this week
- A grey-box web application Fuzzer☆23Updated last year
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆73Updated last year
- ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection☆79Updated 2 years ago
- A benchmark to evaluate taint analysis☆29Updated 3 years ago
- A neurosymbolic framework for vulnerability detection in code☆236Updated last week
- SecCodeBench is a benchmark suite focusing on evaluating the security of code generated by large language models (LLMs).☆71Updated last week
- Testability Pattern Catalogs for SAST☆31Updated 7 months ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆18Updated 8 months ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆35Updated 5 years ago
- Some test samples for CPG execution logic.☆20Updated last year
- AutoSpear☆66Updated last year
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆47Updated this week
- ☆16Updated 2 years ago
- ☆42Updated 2 years ago
- Taint analysis implementation based on Heros and Soot☆45Updated last year
- CodeQL database manager☆48Updated 5 months ago
- ☆19Updated 3 weeks ago
- Python bindings for CodeQL CLI☆54Updated 4 years ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆95Updated last year
- Grammar-based HTTP/2 fuzzer with mutation ability☆47Updated 3 years ago