Testability Pattern Catalogs for SAST
☆32Feb 18, 2025Updated last year
Alternatives and similar repositories for sast-testability-patterns
Users that are interested in sast-testability-patterns are comparing it to the libraries listed below
Sorting:
- TP-Framework: Testability Pattern Framework for SAST☆15May 10, 2024Updated last year
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆27Feb 14, 2024Updated 2 years ago
- YuraScanner☆73Feb 13, 2025Updated last year
- ☆31May 1, 2025Updated 9 months ago
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆117Feb 13, 2026Updated 2 weeks ago
- An SMT Solver for string constraints☆48Feb 10, 2026Updated 2 weeks ago
- A benchmark for Java gadget chain detecting algorithms.☆15Jun 20, 2025Updated 8 months ago
- A grey-box web application Fuzzer☆25Aug 16, 2024Updated last year
- ☆30Aug 30, 2022Updated 3 years ago
- ☆16Nov 24, 2023Updated 2 years ago
- ☆11Aug 12, 2022Updated 3 years ago
- Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)☆13Oct 3, 2024Updated last year
- ☆20Jan 19, 2026Updated last month
- A CLI wrapper for libmodsecurity (v3.0.10)☆13Nov 22, 2023Updated 2 years ago
- A benchmark to evaluate taint analysis☆27Jun 20, 2022Updated 3 years ago
- Code audit (code review) with VIM.☆17Jan 3, 2025Updated last year
- Jess is short for Joern extended by Semantic Slicing. This tool allows you to import C code into a Code Property Graph, and then compute …☆17May 22, 2024Updated last year
- Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation☆14Jul 24, 2025Updated 7 months ago
- The Z3-Noodler String Solver☆25Feb 21, 2026Updated last week
- A tool to instrument Android APKs based on Soot☆15Jul 8, 2020Updated 5 years ago
- ☆14Feb 4, 2020Updated 6 years ago
- ☆21Dec 28, 2024Updated last year
- The repo of "BugLens"☆35Nov 12, 2025Updated 3 months ago
- OWASP WAP - Web Application Protection Project☆11Jul 24, 2019Updated 6 years ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆98Nov 27, 2023Updated 2 years ago
- COVA - A static analysis tool to compute path conditions☆40Jul 12, 2025Updated 7 months ago
- Indexing reachability for context-sensitive data flow analysis.☆12Jul 10, 2022Updated 3 years ago
- Artifacts of the paper "Arcanum: Detecting and Evaluating the Privacy Risks of Browser Extensions on Web Pages and Web Content" in USENIX…☆17Aug 9, 2024Updated last year
- ☆22Sep 28, 2022Updated 3 years ago
- Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples☆19May 23, 2022Updated 3 years ago
- Inspector-gadget (a.k.a. PSHAPE - Practical Support for Half-Automated Program Exploitation) is an open source tool which assists analyst…☆27Dec 17, 2019Updated 6 years ago
- [ICLR 2025] Official implementation for "StringLLM: Understanding the String Processing Capability of Large Language Models"☆22Jan 23, 2025Updated last year
- ☆29Updated this week
- IDA Hexrays To CodeQL☆51Nov 7, 2024Updated last year
- ☆21Apr 30, 2021Updated 4 years ago
- Modelizer - is a framework for learning models from BlackBox systems using Input-Output examples☆22Jul 17, 2025Updated 7 months ago
- Precise and high-order static points-to/taint analysis based on LLVM IR.☆90Sep 18, 2025Updated 5 months ago
- Doop - Framework for Java Pointer and Taint Analysis☆19Dec 14, 2018Updated 7 years ago
- A Cross-Language Dynamic Information Flow Analysis.☆28Nov 29, 2022Updated 3 years ago