ryohare / fortify-structural-rules-guideLinks
A technique for developing Fortify structural rules and characterization rules.
☆14Updated 6 years ago
Alternatives and similar repositories for fortify-structural-rules-guide
Users that are interested in fortify-structural-rules-guide are comparing it to the libraries listed below
Sorting:
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆90Updated 7 years ago
- Java taint propagation for java. Define tainted sources, sanitizer methods and sinks via aspects.☆28Updated 7 years ago
- Works about detecting vulnerable using ML.☆87Updated 5 years ago
- Personal CodeQL queries☆63Updated last month
- A static analysis API for finding deserialization attack gadgets☆38Updated 3 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆15Updated 7 years ago
- python restful api fuzz test☆50Updated 2 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆53Updated 2 years ago
- Browser Fuzz Summarize / 浏览器模糊测试综述☆142Updated 5 years ago
- ☆29Updated 5 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆58Updated 6 years ago
- A curated list of audit rules which extract from Source Code Auditing tools.☆15Updated 5 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116Updated 6 years ago
- ☆23Updated 6 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆37Updated 5 years ago
- Taint Analysis for PHP☆45Updated 9 years ago
- ☆35Updated 7 years ago
- This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by …☆20Updated 3 years ago
- Deprecated: Please visit https://github.com/github/codeql instead.☆81Updated 3 years ago
- CVE exploits for Web, Windows, Linux and others are independently written by Zhuri Lab☆46Updated 5 years ago
- Challenges I created for 35c3☆48Updated 7 years ago
- Peach Fuzzer 3.x☆23Updated 9 years ago
- 物联网设备分析环境搭建与工具使用,包括脚本换阿里源、binwalk的完整安装、firmwalker和rips的使用☆45Updated 7 years ago
- An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…☆25Updated 3 years ago
- browser_vuln_check ,利用已知的浏览器漏洞PoC 来快速检测Webview 和浏览器环境是否存在安全漏洞,只需要访问run.html 即可获取所有扫描结果,适用场景包含:APP 发布之前的内部安全测试,第三方Webview 漏洞检测等(browser_vu…☆118Updated 8 years ago
- A static byte code analyzer for Java deserialization gadget research☆252Updated 8 years ago
- ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection☆81Updated 3 years ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆91Updated last year
- 2 web tasks from ZeroNights HackQuest 2016☆50Updated 8 years ago
- Example of passing file descriptors into a container to perform a privilege escalation on the host☆24Updated 5 years ago