iris-sast / cwe-bench-java
A manually vetted dataset for security vulnerability detection in Java projects
☆48Updated 2 weeks ago
Alternatives and similar repositories for cwe-bench-java:
Users that are interested in cwe-bench-java are comparing it to the libraries listed below
- LLMDFA: Analyzing Dataflow in Code with Large Language Models (NeurIPS 2024)☆111Updated 2 months ago
- A neurosymbolic framework for vulnerability detection in code☆59Updated last week
- The source code of project "LLift" (Enhancing static analysis with LLM)☆68Updated last year
- TensorFlow API analysis tool and malicious model detection tool☆27Updated 2 months ago
- MegaVul - The largest, high-quality, extensible, continuously updated, C/C++/Java vulnerability dataset☆70Updated 3 months ago
- This is a benchmark for evaluating the vulnerability discovery ability of automated approaches including Large Language Models (LLMs), de…☆67Updated 5 months ago
- This is an evaluation set for the problem of directed/targeted test input generation. We use it to benchmark the ability of Large Languag…☆31Updated last month
- SecLLMHolmes is a generalized, fully automated, and scalable framework to systematically evaluate the performance (i.e., accuracy and rea…☆57Updated last week
- The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IE…☆44Updated last year
- ☆21Updated 2 months ago
- HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs☆43Updated 2 years ago
- Code for the paper - Source Code Vulnerability Detection: Combining Code Language Models and Code Property Graph☆73Updated last year
- FIRE: Combining Multi-Stage Filtering with Taint Analysis for Scalable Recurring Vulnerability Detection.☆12Updated 7 months ago
- [ICSE 2024 Industry Challenge Track] Official implementation of "ReposVul: A Repository-Level High-Quality Vulnerability Dataset".☆61Updated 5 months ago
- VulTrigger is a tool to for identifying vulnerability-triggering statements across functions and investigating the effectiveness of funct…☆33Updated last year
- A hybrid analysis framework to aid in uncovering deserialization vulnerabilities☆13Updated 6 months ago
- ☆26Updated last year
- tool of llm-based indirect-call analyzer☆19Updated 2 months ago
- ☆38Updated 2 years ago
- ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?☆29Updated last year
- PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software (ISSTA 2024)☆19Updated last month
- DeepWukong: Statically Detecting Software Vulnerabilities Using Deep Graph Neural Network☆105Updated 2 years ago
- This repo list the core literature in the field of fuzzing test, large language model, and LLM-based fuzzer. Most of papers are selected …☆52Updated last year
- ☆26Updated 7 months ago
- A deep learning model for localizing bugs in C/C++ source code (USENIX'23)☆150Updated last year
- ☆17Updated 8 months ago
- ☆11Updated last year
- ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)…☆90Updated last year
- Some test samples for CPG execution logic.☆21Updated last year
- ☆9Updated last year