secure-software-engineering / secucheckLinks
Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to support multiple IDEs.
☆18Updated 8 months ago
Alternatives and similar repositories for secucheck
Users that are interested in secucheck are comparing it to the libraries listed below
Sorting:
- Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…☆75Updated 11 months ago
- COVA - A static analysis tool to compute path conditions☆37Updated 2 months ago
- A set of Code-ql/Joern queries to find vulnerabilities☆64Updated 4 years ago
- ☆11Updated 6 years ago
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆90Updated 7 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- Efficient and Precise Pointer-Tracking Data-Flow Framework☆66Updated 9 months ago
- ☆29Updated 5 months ago
- Precision-guided context sensitivity for pointer analysis☆61Updated 2 years ago
- Qilin: A New Framework for Supporting Fine-Grained Context-Sensitivity in Java Pointer Analysis☆143Updated this week
- Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis☆78Updated last year
- Taint analysis implementation based on Heros and Soot☆45Updated last year
- A Static Code Feature Extraction Tool for Java and Android☆20Updated 2 years ago
- ☆27Updated 2 years ago
- YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, d…☆105Updated last week
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆89Updated 8 months ago
- Study WALA and static code analysis . This project introduces the required knowledge and study roadmap.☆22Updated 4 years ago
- ☆29Updated 3 years ago
- A points-to and alias analysis benchmark suite☆41Updated 7 years ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆180Updated last year
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆24Updated 3 years ago
- Assisting Static Analysis with Large Language Models: A ChatGPT Experiment☆36Updated 2 years ago
- Collate and collect binary related materials, including papers, tools, etc. Now,there are the following categories: 1、Fuzzing☆57Updated 6 years ago
- A polyglot static analysis engine for detecting vulnerabilities in scripting languages native extensions based on joern.☆18Updated last month
- This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor…☆116Updated 6 months ago
- a dataflow analysis framework implemented in Go, like soot☆36Updated 3 years ago
- A benchmark to evaluate taint analysis☆29Updated 3 years ago
- Personal CodeQL queries☆64Updated last week
- Artifact for ICSE 2023☆49Updated 3 years ago
- Neo4J visualisation tool for the Code Property Graph☆14Updated 4 years ago