plume-oss / plume
Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various graph databases.
☆70Updated last month
Related projects ⓘ
Alternatives and complementary repositories for plume
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆88Updated 6 years ago
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆66Updated 8 months ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆16Updated 8 months ago
- A set of Code-ql/Joern queries to find vulnerabilities☆56Updated 3 years ago
- Taint analysis implementation based on Heros and Soot☆41Updated 6 months ago
- Code Property Graph (CPG) frontend for binary applications and libraries.☆83Updated 3 years ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆87Updated this week
- ☆71Updated 3 years ago
- COVA - A static analysis tool to compute path conditions☆32Updated 2 years ago
- Qilin: A New Framework for Supporting Fine-Grained Context-Sensitivity in Java Pointer Analysis☆123Updated 3 months ago
- Collate and collect binary related materials, including papers, tools, etc. Now,there are the following categories: 1、Fuzzing☆56Updated 5 years ago
- A Cross-Language Dynamic Information Flow Analysis.☆24Updated last year
- AFLplusplus + libprotobuf-mutator☆54Updated 2 years ago
- Doop - Framework for Java Pointer and Taint Analysis☆17Updated 5 years ago
- ☆11Updated 6 years ago
- Study WALA and static code analysis . This project introduces the required knowledge and study roadmap.☆20Updated 3 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆23Updated 9 months ago
- Personal CodeQL queries☆58Updated last week
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆73Updated 8 months ago
- Fuzz testing on JavaScriptCore and WebAssembly in WebKit☆4Updated 4 years ago
- A benchmark to evaluate taint analysis☆30Updated 2 years ago
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆41Updated 3 years ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆54Updated 3 months ago
- A static analysis tool for Java programs, based on the theory of code property graphs.☆16Updated last year
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆22Updated 2 years ago
- aurora-d☆20Updated 2 years ago
- A fuzzy parser for C/C++ that creates semantic code property graphs☆35Updated 4 years ago
- Code and artifacts related to the Asia CCS 2022 paper☆35Updated 3 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆16Updated 5 years ago
- ShiftLeft OverflowDB☆112Updated 4 months ago