Pinned Repositories
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
ck
Code metrics for Java code by means of static analysis
CWE-Juliet-TestSuite-Java
The Juliet Test Suite V1.3 (find the source at https://samate.nist.gov/SRD/testsuite.php)
Docker
Deploying various applications with Docker
GDS-PMD-Security-Rules
Custom security ruleset for the popular Java static analysis tool PMD.
infer
A static analyzer for Java, C, C++, and Objective-C
JMetrics
A Java static analysis tool to help measure code quality.
jpf-symbc
Symbolic PathFinder
maple-ir
Industrial IR-based static analysis framework for Java bytecode
pvs-studio-check-list
Offer an interesting project for PVS-Studio analysis.
yijiangtian's Repositories
yijiangtian/Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
yijiangtian/ck
Code metrics for Java code by means of static analysis
yijiangtian/Docker
Deploying various applications with Docker
yijiangtian/jpf-symbc
Symbolic PathFinder
yijiangtian/maple-ir
Industrial IR-based static analysis framework for Java bytecode
yijiangtian/pvs-studio-check-list
Offer an interesting project for PVS-Studio analysis.
yijiangtian/steady
Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/
yijiangtian/aibolit
Static Analyzer for Java Code with Machine Learning in Mind
yijiangtian/antlr4-javaparser
A Java parser that creates an AST using the visitor pattern.
yijiangtian/Books
The Way of Operations and Maintenance
yijiangtian/coastal
Concolic analysis tool for Java
yijiangtian/crest
CREST is a concolic test generation tool for C.
yijiangtian/CryptoAnalysis
CogniCrypt_SAST: CrySL-to-Static Analysis Compiler
yijiangtian/cwe_checker
cwe_checker finds vulnerable patterns in binary executables
yijiangtian/DesigniteJava
Detects smells and computes metrics of Java code
yijiangtian/java-smt
JavaSMT - Unified Java API for SMT solvers.
yijiangtian/JavaAnalysis
Static Java Code Analysis
yijiangtian/jbse
A symbolic Java virtual machine for program analysis, verification and test generation
yijiangtian/JCInterpret
Java Concolic Interpreter
yijiangtian/jpeek
Java Code Static Metrics (Cohesion, Coupling, etc.)
yijiangtian/manticore
Symbolic execution tool
yijiangtian/nopol
Automatic program repair and patch generation system for Java based on dynamic analysis and code synthesis with SMT, developed at University of Lille and Inria, France.
yijiangtian/pyauto
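Source code for the examples and case studies in the book "Python Automated Operations and Maintenance: Techniques and Best Practices" (《python自动化运维:技术与最佳实践》)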
yijiangtian/SootTutorial
A step-by-step tutorial for Soot (a Java static analysis framework)
yijiangtian/spoon
Spoon is a metaprogramming library to analyze and transform Java source code (up to Java 15). :spoon: is made with :heart:, :beers: and :sparkles:. It parses source files to build a well-designed AST with powerful analysis and transformation API.
yijiangtian/spoon-examples
Examples on how to use the Spoon Java source code transformation library
yijiangtian/spotbugs
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
yijiangtian/tardis
The TARDIS concolic test case generator
yijiangtian/violations-lib
Java library for parsing report files from static code analysis.
yijiangtian/WebGoat-Lessons
7.x - The WebGoat STABLE lessons supplied by the WebGoat team.