Pinned Repositories
Boomerang
Demand-Driven Pointer Analysis
COVA
COVA - A static analysis tool to compute path conditions
DroidBench
A micro-benchmark suite to assess the stability of taint-analysis tools for Android
FlowDroid
FlowDroid Static Data Flow Tracker
phasar
A LLVM-based static analysis framework.
PointerBench
A points-to and alias analysis benchmark suite
SuSi
SuSi - our tool to automatically discover sources and sinks in the Android framework
swan
Security methods for WeAkNess detection
tamiflex
TamiFlex facilitates static analysis of programs that use reflection and custom class loaders
TypeEvalPy
A Micro-benchmarking Framework for Python Type Inference Tools
Secure Software Engineering Group at Paderborn University and Fraunhofer IEM's Repositories
secure-software-engineering/FlowDroid
FlowDroid Static Data Flow Tracker
secure-software-engineering/phasar
A LLVM-based static analysis framework.
secure-software-engineering/DroidBench
A micro-benchmark suite to assess the stability of taint-analysis tools for Android
secure-software-engineering/COVA
COVA - A static analysis tool to compute path conditions
secure-software-engineering/TypeEvalPy
A Micro-benchmarking Framework for Python Type Inference Tools
secure-software-engineering/SootFX
A Static Code Feature Extraction Tool for Java and Android
secure-software-engineering/swan
Security methods for WeAkNess detection
secure-software-engineering/secucheck
Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to support multiple IDEs.
secure-software-engineering/sootdiff
SootDiff - Bytecode Comparison Across Different Java Compilers
secure-software-engineering/HeaderGen
HeaderGen annotates Jupyter notebooks using static analysis. Improves PyCG's call graph analysis by supporting external libraries and flow-sensitivity.
secure-software-engineering/Boomerang
Demand-Driven Pointer Analysis
secure-software-engineering/upcy
UpCy automatically finds compatible updates for Maven dependencies.
secure-software-engineering/secucheck-core
Taint Analysis on top of Soot.
secure-software-engineering/achilles-benchmark-depscanners
Achilles - Benchmark for assessing OSS-Vulnerability Scanners 59
secure-software-engineering/SWARM-CG
Swiss Army Knife of Call Graph Micro-Benchmark
secure-software-engineering/PathExpression
An implementation of Tarjan's PathExpression algorithm
secure-software-engineering/neck
secure-software-engineering/paper-idesolverxx
Supplementary website for the paper "Scaling Interprocedural Static Data-Flow Analysis to Large C/C++ Applications"
secure-software-engineering/SparseBoomerang
Sparse Demand-Driven Pointer Analysis
secure-software-engineering/SparseIDE
Sparse IDE/IFDS solver and client implementation
secure-software-engineering/modguard
secure-software-engineering/spring-petclinic-kotlin
Vulnerable version of the Spring PetClinic application in Kotlin
secure-software-engineering/actions
Secure Software Engineering groups GitHub Actions - centralized & reusable
secure-software-engineering/avighna
secure-software-engineering/Deblometer
A Java Debloating Benchmark
secure-software-engineering/FalseCrypt
secure-software-engineering/fuzzing_taxonomy
secure-software-engineering/QCG
Qilin: A New Framework for Supporting Fine-Grained Context-Sensitivity in Java Pointer Analysis
secure-software-engineering/secucheck-catalog
secure-software-engineering/SeedUI
SeedUI: Understanding Initial Seeds in Fuzzing