Alternatives and similar repositories for yurascanner

Users that are interested in yurascanner are comparing it to the libraries listed below

• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆31Updated 5 months ago
• SoheilKhodayari / JAW
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆111Updated 7 months ago
• Song-Li / ODGen
  ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.
  ☆154Updated last year
• SecuringWeb / BlackWidow
  ☆49Updated 2 years ago
• uiuc-kang-lab / cve-bench
  CVE-Bench: A Benchmark for AI Agents’ Ability to Exploit Real-World Web Application Vulnerabilities
  ☆69Updated 2 weeks ago
• GitHubSecurityLab / codeql-zero-to-hero
  CodeQL zero to hero blog post series challenges
  ☆131Updated last month
• iris-sast / iris
  A neurosymbolic framework for vulnerability detection in code
  ☆188Updated this week
• secureweb / fuzzcache
  FuzzCache: Optimizing Web Application Fuzzing Through Software-Based Data Cache (ACM CCS 2024)
  ☆16Updated 9 months ago
• NASP-THU / ProphetFuzz
  [CCS'24] An LLM-based, fully automated fuzzing tool for option combination testing.
  ☆85Updated 3 months ago
• WSP-LAB / FUGIO
  FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities
  ☆95Updated last year
• fast-sp-2023 / fast
  ☆29Updated 3 months ago
• secureweb / symphp
  Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)
  ☆12Updated 10 months ago
• CISPA-SysSec / atropos-legacy
  Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities
  ☆71Updated 11 months ago
• zifeng-kang / ProbetheProto
  ☆28Updated 3 years ago
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆70Updated last year
• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆51Updated last year
• Song-Li / ObjLupAnsys
  ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…
  ☆24Updated 3 years ago
• sefcom / Witcher
  Witcher is the first framework for using AFL to fuzz web applications.
  ☆91Updated last year
• cuhk-seclab / TChecker
  ☆39Updated 2 years ago
• GCMiner / GCMiner
  Artifact for ICSE 2023
  ☆49Updated 2 years ago
• malteskoruppa / phpjoern
  Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.
  ☆36Updated 5 years ago
• KHenryAegis / VulnBot
  The repository of VulnBot: Autonomous Penetration Testing for A Multi-Agent Collaborative Framework.
  ☆86Updated 4 months ago
• bahruzjabiyev / frameshifter
  Grammar-based HTTP/2 fuzzer with mutation ability
  ☆46Updated 2 years ago
• lxyeternal / pypi_malregistry
  The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of…
  ☆97Updated 3 months ago
• WSP-LAB / Link
  Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning
  ☆24Updated 3 years ago
• ShenaoW / awesome-llm-supply-chain-security
  A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs)
  ☆81Updated 6 months ago
• huhusmang / Awesome-LLMs-for-Vulnerability-Detection
  Awesome Large Language Models for Vulnerability Detection
  ☆207Updated this week
• Aurore54F / DoubleX
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆75Updated 3 years ago
• Aurore54F / static-pdg-js
  Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis
  ☆27Updated 3 years ago
• mo-xiaoxi / HDiff
  ☆25Updated 3 years ago