StaticAnalysisQueries: a set of CodeQL/Joern queries to find vulnerabilities
☆67, May 22, 2021, updated 4 years ago
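As an added illustration of what a vulnerability-finding CodeQL query of this kind looks like (this is example code written for this page, not a query from StaticAnalysisQueries or from any repository listed below), the query flags `strcpy` calls whose destination is a fixed-size array and whose source is not a string literal, so the copy length is not bounded by the buffer size. The query metadata (`@id` and friends) is assumed for the example; the query must live in a CodeQL pack that depends on `codeql/cpp-all` and be run against a C/C++ database.

```ql
/**
 * @name strcpy into a fixed-size buffer
 * @description Flags strcpy calls whose destination is a fixed-size array and
 *              whose source is not a string literal, so nothing bounds the copy
 *              by the buffer size. (Added example; the id below is assumed, not
 *              taken from StaticAnalysisQueries.)
 * @kind problem
 * @problem.severity warning
 * @id cpp/example/strcpy-fixed-buffer
 */

import cpp

from FunctionCall call, Variable dest, ArrayType bufType
where
  // Only calls that resolve to the C library strcpy (global or std:: namespace).
  call.getTarget().hasGlobalOrStdName("strcpy") and
  // The destination argument is a direct access to a variable of array type
  // whose element count is known statically (char buf[64], not char buf[]).
  dest = call.getArgument(0).(VariableAccess).getTarget() and
  bufType = dest.getUnspecifiedType() and
  bufType.hasArraySize() and
  // A string literal source has a compile-time length; anything else is
  // data whose length this call does not check.
  not call.getArgument(1) instanceof StringLiteral
select call,
  "strcpy into fixed-size buffer $@ (" + bufType.getArraySize() +
    " elements) from a source whose length is not checked here.",
  dest, dest.getName()
```

Run it with `codeql database analyze <db> path/to/query.ql --format=sarif-latest --output=results.sarif`. The query is deliberately syntactic: it reports every non-literal copy into a fixed buffer, which is the right starting point for triage but will include calls guarded by an earlier length check. Turning it into a precise result means replacing the `StringLiteral` exclusion with a taint-tracking configuration from attacker-controlled sources, which is the usual next step for queries in collections like this one.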
Alternatives and similar repositories for StaticAnalysisQueries
Users that are interested in StaticAnalysisQueries are comparing it to the libraries listed below
- A binary-only coverage-guided fuzzer based on AFL and e9patch (☆18, Oct 13, 2020, updated 5 years ago)
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants (☆185, Sep 19, 2024, updated last year)
- (no description) (☆13, Mar 22, 2024, updated last year)
- A collection of POP exploits (☆30, Feb 22, 2021, updated 5 years ago)
- (no description) (☆13, Nov 9, 2022, updated 3 years ago)
- Sample code related to kernel fuzzing (☆12, Feb 7, 2019, updated 7 years ago)
- (no description) (☆23, Nov 2, 2021, updated 4 years ago)
- Jess is short for Joern extended by Semantic Slicing. This tool allows you to import C code into a Code Property Graph and then compute … (☆17, May 22, 2024, updated last year)
- Qemu Fuzzer: a fuzzing tool for QEMU-emulated devices. The main idea is that the host generates seed data and passes it to a relay program in the guest, which accesses MMIO to interact with the emulated device; this differs from the fuzzer that ships with qtest (☆46, Dec 12, 2021, updated 4 years ago)
- From admin to TrustedInstaller (☆17, Feb 3, 2023, updated 3 years ago)
- Papers on concurrency vulnerability analysis, covering multithreaded programs, multi-tasking programs and interrupt-driven programs (☆15, Nov 11, 2022, updated 3 years ago)
- Personal CodeQL queries (☆63, Dec 15, 2025, updated 2 months ago)
- Binary Ninja related code (☆37, Mar 27, 2025, updated 11 months ago)
- A tool that automatically creates fuzzing harnesses based on a library (☆285, Nov 13, 2021, updated 4 years ago)
- Prototype of the paper "APICraft: Fuzz Driver Generation for Closed-source SDK Libraries" (☆66, Dec 14, 2021, updated 4 years ago)
- Usenix Security 2021: AURORA: Statistical Crash Analysis for Automated Root Cause Explanation (☆162, Aug 31, 2022, updated 3 years ago)
- BSOD: Binary-only Scalable fuzzing Of device Drivers (☆166, Nov 11, 2021, updated 4 years ago)
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern (☆15, Jan 27, 2019, updated 7 years ago)
- A declarative static analysis tool for JVM bytecode, based on Datalog like CodeQL (☆345, Jan 6, 2024, updated 2 years ago)
- Finding Java gadget chains with CodeQL (☆184, Jan 14, 2025, updated last year)
- My CodeQL queries collection (☆99, Aug 28, 2023, updated 2 years ago)
- (no description) (☆137, Aug 3, 2021, updated 4 years ago)
- GreHack 2021 CodeQL for Java workshop (☆73, Nov 19, 2021, updated 4 years ago)
- Environment with a vulnerable kernel for exploitation of the TEE driver (CVE-2021-44733) (☆76, Dec 28, 2021, updated 4 years ago)
- Repository of the findings made by wtf when fuzzing IDA75 (☆85, Aug 2, 2021, updated 4 years ago)
- Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code (☆236, Mar 14, 2022, updated 3 years ago)
- lxfuzz is a grey-box kernel fuzzer for Linux. It is scalable because QEMU is used for emulation in a way that makes it possible to freely cho… (☆22, Jul 21, 2024, updated last year)
- Sys, but no longer in Haskell (☆19, Mar 14, 2022, updated 3 years ago)
- Custom / experimental CodeQL queries (☆37, Apr 21, 2022, updated 3 years ago)
- Code Property Graph (CPG) frontend for binary applications and libraries (☆95, Oct 28, 2021, updated 4 years ago)
- (no description) (☆19, Apr 7, 2023, updated 2 years ago)
- Fuzzing seed corpus: comprehensive corpora of fuzzing seeds, carefully selected by rate = coverage/filesize (☆23, Apr 7, 2021, updated 4 years ago)
- (no description) (☆19, Jan 2, 2021, updated 5 years ago)
- COVA: a static analysis tool to compute path conditions (☆40, Jul 12, 2025, updated 7 months ago)
- Binary rewriting approach with fork-server support to fuzz Java applications with afl-fuzz (☆91, May 3, 2018, updated 7 years ago)
- Full-VM taint analysis with Xen, Intel(R) Processor Trace and Triton (☆43, Jun 12, 2023, updated 2 years ago)
- IRPT: The Art, Science, and Engineering of Windows driver fuzzing (☆21, Mar 26, 2021, updated 4 years ago)
- A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR (☆413, updated this week)
- fastjson autoType derivation search (☆21, Aug 19, 2021, updated 4 years ago)