Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.
☆185Sep 19, 2024Updated last year
Alternatives and similar repositories for QlRules
Users that are interested in QlRules are comparing it to the libraries listed below
Sorting:
- Android Security Bug Queries for CheckMarx☆20Sep 13, 2022Updated 3 years ago
- Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…☆77Oct 14, 2024Updated last year
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆345Jan 6, 2024Updated 2 years ago
- 《深入理解CodeQL》Finding vulnerabilities with CodeQL.☆1,757Nov 21, 2023Updated 2 years ago
- This is the project of LearnAFL.☆28Aug 27, 2020Updated 5 years ago
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆463Jan 15, 2026Updated last month
- A set of Code-ql/Joern queries to find vulnerabilities☆67May 22, 2021Updated 4 years ago
- 带你畅游《软件分析》☆277Aug 1, 2022Updated 3 years ago
- 静态分析及代码审计自动化相关资料收集☆298Jul 29, 2022Updated 3 years ago
- CodeQL Java 全网最全的中文学习资料☆799Mar 18, 2022Updated 3 years ago
- Framework for Automating Fuzzable Target Discovery with Static Analysis.☆548Feb 1, 2024Updated 2 years ago
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆82Mar 19, 2024Updated last year
- Corax for Java: A general static analysis framework for java code checking.☆254Dec 3, 2024Updated last year
- IDA Pro每周小技巧☆280Nov 11, 2022Updated 3 years ago
- ☆298Jun 21, 2022Updated 3 years ago
- Getting started with static program analysis. 静态程序分析入门教程。☆1,766Mar 20, 2024Updated last year
- ☆34Apr 7, 2022Updated 3 years ago
- codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)☆205Mar 19, 2022Updated 3 years ago
- Codeql学习笔记☆900Apr 25, 2022Updated 3 years ago
- Resources related to GitHub Security Lab☆1,587Dec 2, 2025Updated 3 months ago
- BinAbsInspector: Vulnerability Scanner for Binaries☆1,670Jun 17, 2024Updated last year
- A CAT called tabby ( Code Analysis Tool )☆1,637Jan 17, 2026Updated last month
- Finding Java gadget chains with CodeQL☆185Jan 14, 2025Updated last year
- 2021 交大程式安全 binary exploit 課程教材☆303Jun 4, 2024Updated last year
- 记录学习codeql的过程☆394Jun 9, 2023Updated 2 years ago
- 《深入理解SAST静态应用安全测试》Static Application Security Testing.☆390Sep 28, 2025Updated 5 months ago
- 汽车/安卓/固件/代码安全测试工具集☆637Jun 3, 2024Updated last year
- Artifact for ICSE 2023☆50Sep 24, 2022Updated 3 years ago
- GraphFuzz is an experimental framework for building structure-aware, library API fuzzers.☆272Jan 16, 2024Updated 2 years ago
- Personal CodeQL queries☆63Dec 15, 2025Updated 2 months ago
- CodeQL extractor for java, which don't need to compile java source☆348Nov 25, 2022Updated 3 years ago
- 一些阅读源码和Fuzzing 的经验,涵盖黑盒与白盒测试..☆1,075Aug 24, 2021Updated 4 years ago
- ☆85Jan 23, 2022Updated 4 years ago
- 容器安全漏洞的分析与复现☆160Mar 26, 2024Updated last year
- android app native so fuzz. efficiently run in a real machine with frida environment. See Background: https://idhyt.blogspot.com/2020/02/…☆43Jan 18, 2024Updated 2 years ago
- A hacky tool for analysing linux kernel commits☆38Feb 7, 2023Updated 3 years ago
- 专注于JVM的运行时防御系统RASP☆295Jun 14, 2024Updated last year
- An easy-to-learn/use static analysis framework for Java☆1,765Feb 16, 2026Updated 2 weeks ago
- ☆206Oct 27, 2025Updated 4 months ago