antgroup / YASA-UASTLinks
YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different programming languages into a unified abstract syntax format. 
☆51Updated last week
Alternatives and similar repositories for YASA-UAST
Users that are interested in YASA-UAST are comparing it to the libraries listed below
Sorting:
- SecCodeBench is a benchmark suite focusing on evaluating the security of code generated by large language models (LLMs).☆74Updated 2 weeks ago
- ☆43Updated 2 years ago
- Some test samples for CPG execution logic.☆20Updated last year
- ☆27Updated last year
- ☆29Updated 3 years ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆181Updated last year
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆342Updated last year
- oh my soot !☆92Updated 3 years ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆78Updated last year
- Corax for Java: A general static analysis framework for java code checking.☆253Updated 10 months ago
- 静态分析笔记 Static-Analysis-Notes 程序分析笔记 资源分享☆185Updated 2 years ago
- Taint analysis implementation based on Heros and Soot☆45Updated last year
- Awesome Large Language Models for Vulnerability Detection☆285Updated this week
- YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, d…☆147Updated last week
- A manually vetted dataset for security vulnerability detection in Java projects☆77Updated 2 months ago
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆435Updated last month
- Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation☆14Updated 3 months ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆72Updated last year
- A structure-aware grey box fuzzer based on modeling the input processing logic.☆171Updated last year
- 《深入理解SAST静态应用安全测试》Static Application Security Testing.☆361Updated last month
- A benchmark for Java gadget chain detecting algorithms.☆13Updated 4 months ago
- ☆17Updated 11 months ago
- A neurosymbolic framework for vulnerability detection in code☆251Updated last week
- 静态分析及代码审计自动化相关资料收集☆296Updated 3 years ago
- Precision-guided context sensitivity for pointer analysis☆61Updated 2 years ago
- ☆173Updated 2 months ago
- A hybrid analysis framework to aid in uncovering deserialization vulnerabilities☆15Updated last year
- ☆193Updated this week
- 静态分析基础教程☆172Updated last month
- ☆25Updated last year