Pinned Repositories
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
ck
Code metrics for Java code by means of static analysis
CWE-Juliet-TestSuite-Java
The Juliet Test Suite V1.3 (find the source https://samate.nist.gov/SRD/testsuite.php )
Docker
Docker 部署各类应用
GDS-PMD-Security-Rules
Custom security ruleset for the popular Java static analysis tool PMD.
infer
A static analyzer for Java, C, C++, and Objective-C
JMetrics
A Java static analysis tool to help measure code quality.
jpf-symbc
Symbolic PathFinder
maple-ir
Industrial IR-based static analysis framework for Java bytecode
pvs-studio-check-list
Offer an interesting project for PVS-Studio analysis.
yijiangtian's Repositories
yijiangtian/infer
A static analyzer for Java, C, C++, and Objective-C
yijiangtian/CWE-Juliet-TestSuite-Java
The Juliet Test Suite V1.3 (find the source https://samate.nist.gov/SRD/testsuite.php )
yijiangtian/JMetrics
A Java static analysis tool to help measure code quality.
yijiangtian/symbolic-execution
History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)
yijiangtian/the-book-of-secret-knowledge
:dizzy: A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.
yijiangtian/AST2J
A simple visitor generator for Java
yijiangtian/awesome-programming-books
📚 经典技术书籍推荐,持续更新...
yijiangtian/awesome-symbolic-execution
A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.
yijiangtian/custom-bytecode-analyzer
Java bytecode analyzer customizable via JSON rules
yijiangtian/doop
Doop - Framework for Java Pointer and Taint Analysis
yijiangtian/dse
A dynamic symbolic execution engine for Java
yijiangtian/ikos
Static analyzer for C/C++ based on the theory of Abstract Interpretation.
yijiangtian/janala2
a concolic testing engine for Java
yijiangtian/java-license-manager
OddSource Code Java License Manager
yijiangtian/java2llvm
An Example shown convert java class bytecode to llvm ir , then compile llvm ir to standalong executable file .
yijiangtian/jdart
A dynamic symbolic analysis tool for Java
yijiangtian/jdataflow
jdataflow is a Z3 solver based data-flow analyzer for Java source code.
yijiangtian/jigsaw-payment
jigsaw payment 支付系统
yijiangtian/jpf-core
minimal compiled jpf-core to quickly experiment with Symbolic PathFinder
yijiangtian/JSAT
Java Statistical Analysis Tool, a Java library for Machine Learning
yijiangtian/Leek
A distributed real-time stock picking system base on flume,kafka,jstorm,esper,and mysql
yijiangtian/Null-Dereference-Analysis
A static null pointer analysis tool for Java
yijiangtian/RefactoringGuruExample
yijiangtian/serianalyzer
A static byte code analyzer for Java deserialization gadget research
yijiangtian/Software-Verification-and-Testing
Projects dedicated to Black & White Box software testing. Utilizing techniques such as Concolic testing, MC/DC, SAT/SMT, Hoare Logic, Delta debugging, and Daikon Automatic Invariance Generation
yijiangtian/symbv
Validating changes using concolic execution
yijiangtian/SymJava
A Java library for fast symbolic-numeric computation
yijiangtian/TaintAll
TaintAll, a taint analysis and concolic execution tool
yijiangtian/TaintAnalysis
Interprocedural Taint Analysis using SOOT
yijiangtian/taintchecker
Clang static checker that carries out tainting analysis.