Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)
☆13Oct 3, 2024Updated last year
Alternatives and similar repositories for symphp
Users that are interested in symphp are comparing it to the libraries listed below
Sorting:
- A benchmark for Java gadget chain detecting algorithms.☆15Jun 20, 2025Updated 8 months ago
- ☆16Apr 7, 2023Updated 2 years ago
- ☆42Jan 30, 2023Updated 3 years ago
- [NDSS 2024] ReqsMiner is an innovative fuzzing framework developed to discover previously unexamined inconsistencies in CDN forwarding re…☆25Jun 27, 2024Updated last year
- ☆11Sep 6, 2024Updated last year
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆76Aug 15, 2024Updated last year
- ☆27Feb 19, 2024Updated 2 years ago
- The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents☆53Sep 9, 2025Updated 5 months ago
- Code for our 2024 ACM AsiaCCS Paper "Who's Breaking the Rules? Studying Conformance to the HTTP Specifications and its Security Impact"☆17Dec 19, 2025Updated 2 months ago
- ☆18Nov 6, 2024Updated last year
- ☆15Mar 19, 2022Updated 3 years ago
- A polyglot static analysis engine for detecting vulnerabilities in scripting languages native extensions based on joern.☆21Sep 1, 2025Updated 5 months ago
- Artifact for ICSE 2023☆50Sep 24, 2022Updated 3 years ago
- Witcher is the first framework for using AFL to fuzz web applications.☆103Nov 28, 2023Updated 2 years ago
- Automated black-box REST API testing using graph-based modeling, LLMs, and multi-agent reinforcement learning.☆44Feb 20, 2026Updated last week
- Industrial Cybersecurity Conference Index☆13Mar 11, 2024Updated last year
- Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation☆14Jul 24, 2025Updated 7 months ago
- The Z3-Noodler String Solver☆25Updated this week
- Protect your PHP project from deserialization attacks! As seen on NDSS 2024☆15Aug 8, 2025Updated 6 months ago
- ☆14Feb 4, 2020Updated 6 years ago
- 软件工程与形式化方法相关前沿工作阅读与分享☆36Oct 27, 2025Updated 4 months ago
- The repo of "BugLens"☆35Nov 12, 2025Updated 3 months ago
- JavaRce complements project - use RASP to prevent vulnerabilities☆24Apr 22, 2024Updated last year
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆21Apr 11, 2024Updated last year
- ☆23Apr 6, 2019Updated 6 years ago
- Tai-e的Web插件☆23Jun 11, 2024Updated last year
- Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack☆36Aug 27, 2025Updated 6 months ago
- A containerized Model Context Protocol (MCP) server providing static code analysis using Joern's Code Property Graph (CPG) with support f…☆45Updated this week
- ☆28Nov 6, 2025Updated 3 months ago
- [ICLR 2025] Official implementation for "StringLLM: Understanding the String Processing Capability of Large Language Models"☆22Jan 23, 2025Updated last year
- 用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo☆37Apr 17, 2024Updated last year
- Modelizer - is a framework for learning models from BlackBox systems using Input-Output examples☆22Jul 17, 2025Updated 7 months ago
- [USENIX Security '25] My ZIP isn’t your ZIP: Identifying and Exploiting Semantic Gaps Between ZIP Parsers☆38Aug 22, 2025Updated 6 months ago
- ☆21Apr 30, 2021Updated 4 years ago
- ☆61Apr 24, 2023Updated 2 years ago
- An integration of JoernTI's CodeTIDAL5 neural type inference model.☆27Jan 27, 2025Updated last year
- ☆161Jun 3, 2024Updated last year
- YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, d…☆249Updated this week
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆27Feb 14, 2024Updated 2 years ago