sarif-standard / sarif-spec-v1
The specification document for the Static Analysis Results Interchange Format (SARIF)
☆57Updated 4 years ago
Alternatives and similar repositories for sarif-spec-v1:
Users that are interested in sarif-spec-v1 are comparing it to the libraries listed below
- .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs…☆200Updated 2 weeks ago
- OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues☆178Updated 3 weeks ago
- Quality domain agnostic regular expression pattern matcher that persists results to SARIF☆39Updated last month
- SARIF Microsoft Visual Studio Code extension☆113Updated last week
- User-friendly documentation for the SARIF file format.☆293Updated last year
- static analysis benchmarks from Toyota ITC☆114Updated last year
- create call graphs for .NET projects using the Roslyn infrastructure for parsing .NET bytecode☆12Updated 7 years ago
- pfff is mainly an OCaml API to write static analysis, dynamic analysis, code visualizations, code navigations, or style-preserving source…☆185Updated 2 years ago
- SARIF Microsoft Visual Studio Viewer Extension☆49Updated 11 months ago
- Collection of tools for analyzing open source packages.☆332Updated last week
- An engine for searching patterns in the source code, based on Unified AST or UST. At present time C#, Java, PHP, PL/SQL, T-SQL, MySql, a…☆60Updated 4 years ago
- MsBuild task to warn about insecure NuGet libraries☆98Updated 5 years ago
- .NET ASP.NET Security Analyser - Consolidation of multiple ASP.NET OWASP tools☆16Updated 9 years ago
- Verified implementation of TLS 1.3 in F*☆176Updated last month
- REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…☆263Updated 3 years ago
- ☆13Updated 5 months ago
- An interactive (fast) static source code analyzer☆157Updated last week
- DevSkim plugin for VS Code.☆38Updated 4 years ago
- ☆194Updated this week
- Fuzzer for the .NET toolchains, developed as a project for the 2018 Language-Based Security course at Aarhus University.☆246Updated this week
- Remote build execution technology for use with CMake, MSBuild, Gulp, Microsoft Build Accelerator, and other build engines☆59Updated 4 years ago
- A fuzzer. Work in progress!☆21Updated 7 years ago
- Symbolic Execution Engine for Boogie☆29Updated 3 years ago
- Oink is a collaboration of C++ static analysis tools.☆155Updated 2 years ago
- With this tool, projects can be compiled easily for fuzzing with AFL or for static code analysis with tools like CBMC. One-line-scan hook…☆21Updated 2 years ago
- .NET library for logging data via EventSource/ETW☆86Updated 2 years ago
- The CLR Instrumentation Engine is a cooperation profiler that allows running multiple profiling extensions in the same process.☆95Updated 3 months ago
- SEViz (Symbolic Execution VisualIZer) is a tool for visualizing symbolic execution-based test generation☆20Updated 9 years ago
- A .NET framework for composing, evaluating, inspecting and persisting computational experiments which are represented as a dataflow.☆20Updated 2 years ago
- KLEE in the browser☆52Updated 9 months ago