Alternatives and similar repositories for yurascanner

Users that are interested in yurascanner are comparing it to the libraries listed below

• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆31Updated 6 months ago
• SoheilKhodayari / JAW
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆111Updated 8 months ago
• Song-Li / ODGen
  ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.
  ☆155Updated last year
• sefcom / Witcher
  Witcher is the first framework for using AFL to fuzz web applications.
  ☆92Updated last year
• SecuringWeb / BlackWidow
  ☆50Updated 2 years ago
• iris-sast / iris
  A neurosymbolic framework for vulnerability detection in code
  ☆211Updated last week
• secureweb / fuzzcache
  FuzzCache: Optimizing Web Application Fuzzing Through Software-Based Data Cache (ACM CCS 2024)
  ☆16Updated 9 months ago
• WSP-LAB / FUGIO
  FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities
  ☆95Updated last year
• NASP-THU / ProphetFuzz
  [CCS'24] An LLM-based, fully automated fuzzing tool for option combination testing.
  ☆86Updated 4 months ago
• GitHubSecurityLab / codeql-zero-to-hero
  CodeQL zero to hero blog post series challenges
  ☆137Updated last month
• Broken-Assumptions / EDEFuzz
  ☆23Updated 4 months ago
• CISPA-SysSec / atropos-legacy
  Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities
  ☆71Updated last year
• ShenaoW / awesome-llm-supply-chain-security
  A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs)
  ☆83Updated 7 months ago
• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆51Updated last year
• Aurore54F / DoubleX
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆75Updated 3 years ago
• LianKee / CLDroid
  A data pool-aware static analyzer to detect cross-layer threats in Android apps.
  ☆12Updated last year
• Song-Li / ObjLupAnsys
  ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…
  ☆24Updated 3 years ago
• huhusmang / Awesome-LLMs-for-Vulnerability-Detection
  Awesome Large Language Models for Vulnerability Detection
  ☆226Updated this week
• fast-sp-2023 / fast
  ☆29Updated 3 months ago
• secureweb / symphp
  Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)
  ☆12Updated 10 months ago
• malteskoruppa / phpjoern
  Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.
  ☆36Updated 5 years ago
• cuhk-seclab / TChecker
  ☆40Updated 2 years ago
• seclab-fudan / RecurScan
  ☆27Updated last year
• GCMiner / GCMiner
  Artifact for ICSE 2023
  ☆49Updated 2 years ago
• zifeng-kang / ProbetheProto
  ☆28Updated 3 years ago
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆70Updated last year
• puppet-meteor / MINER
  MINER provided by the paper "MINER: A Hybrid Data-Driven Approach for REST API Fuzzing"
  ☆40Updated 2 years ago
• asmitaj08 / FuzzingBusyBox_LLM
  ☆18Updated last year
• bahruzjabiyev / frameshifter
  Grammar-based HTTP/2 fuzzer with mutation ability
  ☆47Updated 3 years ago
• seclab-fudan / TEFuzz
  ☆15Updated 2 years ago