osssanitizer / osspolice
Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
☆66Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for osspolice
- ☆51Updated 10 months ago
- ☆33Updated 2 years ago
- This repository contains a list of papers about software supply chain☆25Updated 6 months ago
- Scan pypi for typosquatting☆37Updated last year
- A C/C++ dependency scanner☆37Updated last year
- ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?☆27Updated last year
- Datasets of the paper: Detecting "0-Day" Vulnerability: An Empirical Study of Secret Security Patch in OSS☆18Updated 5 years ago
- ☆50Updated 3 years ago
- Public version of CNEPS☆18Updated 10 months ago
- An Automated Vulnerability Detection System☆57Updated 8 years ago
- The public dataset in the paper "PatchDB: A Large-Scale Security Patch Dataset". This paper appears in the 51st Annual IEEE/IFIP Interna…☆37Updated last year
- ReDeBug Source Code.☆24Updated 11 months ago
- A collection of test cases in the Java language. It contains examples for 112 different CWEs.☆52Updated 3 years ago
- holding data and processing code for the paper 'A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lesso…☆20Updated 4 years ago
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits☆21Updated 11 months ago
- B2SFinder is a binary-to-source matching tool for OSS reuse detection on COTS software. This project contains the core code of B2SFinder …☆54Updated 5 years ago
- ☆56Updated 3 years ago
- ☆29Updated last year
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆39Updated 2 years ago
- MoreFixes: A Large-Scale Dataset of CVE Fix Commits Mined through Enhanced Repository Discovery☆15Updated this week
- Research papers on ML for security☆33Updated 4 years ago
- This repository contains several examples of logic bomb.☆96Updated 11 months ago
- ☆75Updated last year
- Pythia (extends AFL with Predictions)☆62Updated 3 years ago
- VUDDY: A Scalable and Accurate Vulnerable Code Clone Detector (S&P'17)☆51Updated 5 months ago
- ☆44Updated 2 years ago
- An interactive tool for better understanding and intervening fuzzing process via real-time visualization.☆75Updated 2 years ago
- Binary Code Similarity Analysis (BCSA) Benchmark☆134Updated 11 months ago
- Source-binary patch presence test system.☆82Updated 2 years ago
- ☆17Updated 6 years ago