taint-analysis
There are 86 repositories under taint-analysis topic.
facebook/pyre-check
Performant type-checking for python.
vimeo/psalm
A static analysis tool for finding errors in PHP applications
JonathanSalwan/Triton
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
find-sec-bugs/find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
python-security/pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
BinaryAnalysisPlatform/bap
Binary Analysis Platform
airbus-seclab/bincat
Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection
pascal-lab/Tai-e
An easy-to-learn/use static analysis framework for Java
AngoraFuzzer/Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
JonathanSalwan/Tigress_protection
Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
decaf-project/DECAF
DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
trailofbits/polytracker
An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.
SourceCode-AI/aura
Python source code auditing and static analysis on a large scale
BytecodeDL/ByteCodeDL
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
wmkhoo/taintgrind
A taint-tracking plugin for the Valgrind memory checking tool
AngoraFuzzer/libdft64
libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
Feysh-Group/corax-community
Corax for Java: A general static analysis framework for java code checking.
SVF-tools/Teaching-Software-Analysis
Teaching and Learning Software Analysis via SVF
fdu-sec/NestFuzz
A structure-aware grey box fuzzer based on modeling the input processing logic.
GlacierW/MBA
Malware Behavior Analyzer
OSUSecLab/TaintMini
Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
feliam/klee-taint
KLEE-TAINT - Klee with taint analysis support
nuprl/augur
Performant taint analysis for Node.js
akwick/gotcha
Go Taint CHeck Analyser
decaf-project/Droidscope
A dynamic analysis platform for Android
vanhauser-thc/dynTaintTracer
a taint tracer based on DynamoRIO, currently ARM only
brainsmoke/minemu
Minemu is a minimal emulator for dynamic taint analysis ( this is a mirror of https://minemu.org/code/minemu.git )
agustingianni/instrumentation
Assorted pintools
Colton1skees/WinTTD
Reverse engineered API for Microsoft's Time Travel Debugger
Dynamic-Rabbits/Taint-Evaluator
A suite of experiments for evaluating open-source binary taint trackers.
teambi0s/secREtary
The Reverse Engineering Assistant of your dreams
cokeBeer/goot
a dataflow analysis framework implemented in Go, like soot
mimicji/FlowMatrix
FLOWMATRIX: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation, USENIX Security'22
DhavalKapil/stack-guard
A toy implementation of 'Stack Guard' on top of the LLVM compiler toolchain
wikimedia/mediawiki-tools-phan-SecurityCheckPlugin
Mirror of https://gerrit.wikimedia.org/g/mediawiki/tools/phan/SecurityCheckPlugin See https://www.mediawiki.org/wiki/Developer_access for contributing
AntoineBlaud/TheCodexRebirth
Taint Analysis Engine and Trace Exploration : Overcome Obfuscation