cispa / http-conformanceLinks
Code for our 2024 ACM AsiaCCS Paper "Who's Breaking the Rules? Studying Conformance to the HTTP Specifications and its Security Impact"
☆16Updated last month
Alternatives and similar repositories for http-conformance
Users that are interested in http-conformance are comparing it to the libraries listed below
Sorting:
- ☆27Updated 3 years ago
- ☆18Updated last year
- ☆42Updated 3 years ago
- Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)☆13Updated last year
- [NDSS 2024] ReqsMiner is an innovative fuzzing framework developed to discover previously unexamined inconsistencies in CDN forwarding re…☆25Updated last year
- QUICforge is an experimental python tool for request forgery attacks with QUIC☆23Updated 3 years ago
- YuraScanner☆72Updated 11 months ago
- 一个搜索网络安全领域顶会论文的小工具☆95Updated 6 months ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆75Updated last year
- MCPCorpus is a comprehensive dataset for analyzing the Model Context Protocol (MCP) ecosystem, containing ~14K MCP servers and 300 MCP cl…☆31Updated 5 months ago
- YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, d…☆246Updated this week
- Collection of community-driven CodeQL query, library and extension packs☆203Updated last month
- ☆27Updated last year
- ☆30Updated 3 years ago
- A neurosymbolic framework for vulnerability detection in code☆320Updated 2 months ago
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆66Updated 3 weeks ago
- Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation☆14Updated 6 months ago
- A benchmark for Java gadget chain detecting algorithms.☆15Updated 7 months ago
- ☆28Updated 3 years ago
- ☆18Updated 2 years ago
- ☆61Updated 2 years ago
- A structure-aware grey box fuzzer based on modeling the input processing logic.☆173Updated last year
- ☆14Updated 2 years ago
- ☆31Updated 9 months ago
- ☆10Updated last year
- 本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。☆151Updated 2 years ago
- SecCodeBench is a benchmark suite focusing on evaluating the security of code generated by large language models (LLMs).☆86Updated this week
- A containerized Model Context Protocol (MCP) server providing static code analysis using Joern's Code Property Graph (CPG) with support f…☆40Updated last month
- 静态分析基础教程☆179Updated last month
- Grammar-based HTTP/2 fuzzer with mutation ability☆47Updated 3 years ago