taint-analysis
There are 94 repositories under taint-analysis topic.
facebook/pyre-check
Performant type-checking for python.
vimeo/psalm
A PHP static analysis tool for finding errors and security vulnerabilities in PHP applications
JonathanSalwan/Triton
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
find-sec-bugs/find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
python-security/pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
BinaryAnalysisPlatform/bap
Binary Analysis Platform
airbus-seclab/bincat
Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection
pascal-lab/Tai-e
An easy-to-learn/use static analysis framework for Java
AngoraFuzzer/Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
JonathanSalwan/Tigress_protection
Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
decaf-project/DECAF
DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
trailofbits/polytracker
An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.
SourceCode-AI/aura
Python source code auditing and static analysis on a large scale
BytecodeDL/ByteCodeDL
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
wmkhoo/taintgrind
A taint-tracking plugin for the Valgrind memory checking tool
AngoraFuzzer/libdft64
libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
Feysh-Group/corax-community
Corax for Java: A general static analysis framework for java code checking.
SVF-tools/Software-Analysis-Studio
Teaching and Learning Software Analysis via SVF
fdu-sec/NestFuzz
A structure-aware grey box fuzzer based on modeling the input processing logic.
GlacierW/MBA
Malware Behavior Analyzer
TheAuditorTool/Auditor
Antidote to VibeCoding
OSUSecLab/TaintMini
Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
feliam/klee-taint
KLEE-TAINT - Klee with taint analysis support
nuprl/augur
Performant taint analysis for Node.js
antgroup/YASA-Engine
YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, designed to support multiple programming languages. Built on top of UAST, YASA provides a highly accurate static analysis framework.
AntoineBlaud/TheCodexRebirth
Taint Analysis Engine and Trace Exploration : Overcome Obfuscation
akwick/gotcha
Go Taint CHeck Analyser
decaf-project/Droidscope
A dynamic analysis platform for Android
brainsmoke/minemu
Minemu is a minimal emulator for dynamic taint analysis ( this is a mirror of https://minemu.org/code/minemu.git )
vanhauser-thc/dynTaintTracer
a taint tracer based on DynamoRIO, currently ARM only
antgroup/YASA-UAST
YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different programming languages into a unified abstract syntax format.
cokeBeer/goot
a dataflow analysis framework implemented in Go, like soot
Colton1skees/WinTTD
Reverse engineered API for Microsoft's Time Travel Debugger
Dynamic-Rabbits/Taint-Evaluator
A suite of experiments for evaluating open-source binary taint trackers.
teambi0s/secREtary
The Reverse Engineering Assistant of your dreams
agustingianni/instrumentation
Assorted pintools