testable-eu / sast-testability-patternsLinks
Testability Pattern Catalogs for SAST
☆30Updated 3 months ago
Alternatives and similar repositories for sast-testability-patterns
Users that are interested in sast-testability-patterns are comparing it to the libraries listed below
Sorting:
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- Artifact for ICSE 2023☆49Updated 2 years ago
- JAW: A Graph-based Security Analysis Framework for Client-side JavaScript☆107Updated 5 months ago
- AutoSpear☆61Updated last year
- YuraScanner☆42Updated 3 months ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆49Updated last year
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆24Updated 3 years ago
- A framework for identifying vulnerabilities in VS Code extensions☆18Updated 10 months ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆95Updated last year
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆35Updated 5 years ago
- ☆29Updated last month
- A set of Code-ql/Joern queries to find vulnerabilities☆59Updated 4 years ago
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits☆29Updated last year
- Grammar-based HTTP/2 fuzzer with mutation ability☆45Updated 2 years ago
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆65Updated last year
- FuzzCache: Optimizing Web Application Fuzzing Through Software-Based Data Cache (ACM CCS 2024)☆10Updated 6 months ago
- Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to s…☆17Updated 4 months ago
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆74Updated 3 years ago
- ☆48Updated 2 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆153Updated last year
- ☆21Updated last month
- ☆25Updated 2 years ago
- ☆28Updated 2 years ago
- VulZoo: A Comprehensive Vulnerability Intelligence Dataset (ASE 2024 Demo)☆48Updated 2 months ago
- The source code (including datasets) of V1SCAN (USENIX Security 2023; will be uploaded).☆41Updated last year
- A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.☆16Updated 2 months ago
- ☆31Updated 8 months ago
- ☆16Updated 2 years ago
- TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.☆14Updated 3 weeks ago
- Witcher is the first framework for using AFL to fuzz web applications.☆90Updated last year