5hadowblad3

ollama

Get up and running with Llama 3.2, Mistral, Gemma 2, and other large language models.

llama

Inference code for Llama models

codellama

Inference code for CodeLlama models

static-analysis

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

android-hidden-api

A library that provides access to Android hidden APIs and internal resources.

jailbreak_llms

[CCS'24] A dataset consists of 15,140 ChatGPT prompts from Reddit, Discord, websites, and open-source datasets (including 1,405 jailbreak prompts).

ai-for-grant-writing

A curated list of resources for using LLMs to develop more competitive grant applications.

wtf

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!).

Awesome-LM-SSP

A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).

stoke

STOKE: A stochastic superoptimizer and program synthesizer

fuzzowski

the Network Protocol Fuzzer that we will want to use.

BenchmarkJava

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.

fuzzotron

A TCP/UDP based network daemon fuzzer

tsffs

A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS

ChatAFL

Large Language Model guided Protocol Fuzzing (NDSS'24)

CodeFuse-Query

Query-Based Code Analysis Engine

home

The Themis Benchmark for evaluating automated GUI testing

oss-sydr-fuzz

OSS-Sydr-Fuzz - OSS-Fuzz fork for hybrid fuzzing (fuzzer+DSE) open source software.

Smart-Intermediate-Representation

A brand-new multi-scenarios smart contract compiler framework

OpenTracer

An Ethereum Dynamic Analyzer, a.k.a, open-sourced transaction explorer similar to Phalcon/EthTx/TxTracer

VulnReproduction.github.io

Home page for this github organization

llvm-epp

Efficient Path Profiling using LLVM

ParDiff

A Static Differential Analysis Tool of Network Protocol Parsers

MPCDiff

This repository contains the evaluation code for the NDSS 2024 paper: MPCDIFF: Testing and Repairing MPC-Hardened Deep Learning Models.

GiantSan-Artifact

SAST-MT

Research Artifact of Evaluating C/C++ Vulnerability Detectability of Query-Based Static Application Security Testing Tools

EP-DNN-testing

Research Artifact of ISSTA 2024 Paper: See the Forest, not Trees: Unveiling and Escaping the Pitfalls of Error-Triggering Inputs in Neural Network Testing

code-LLM-critical-evaluation

Code for ACL 2024 paper: A Critical Study of What Code-LLMs (Do not) Learn

yarpgen

Yet Another Random Program Generator

testing-feat

Functional Enumeration of Algebraic Types