tiandiyixian's repositories
swan
A Swift Program Analysis Framework
DetExploit
OSS Vulnerability Scanner for Windows Platform
cve-search
cve-search - a tool to perform local searches for known vulnerabilities
taintflow
TaintFlow, a framework for JavaScript dynamic information flow analysis.
cve-bin-tool
This tool scans for a number of common, vulnerable components (openssl, libpng, libxml2, expat and a few others) to let you know if your system includes common libraries with known vulnerabilities.
reviewdog
:dog: Automated code review tool integrated with any code analysis tools regardless of programming language
codepulse
Code Pulse is a real-time code coverage tool for penetration testing activities
go-flags
go command line option parser
vera
A programmable tool for verification, analysis and transformation of C++ source code
SCALe
SCALe (Source Code Analysis Lab) is a static analysis aggregator/correlator which enables a source code analyst to combine static analysis results from multiple tools into one interface, and also provides mappings for diagnostics from the tools to the SEI CERT Secure Coding standards.
gumtree-spoon-ast-diff
Computes the AST difference (aka edit script) between two Spoon Java source code abstract syntax trees
cdt-gdb-vscode
CDT GDB Visual Studio Code Extension
python_sec
python安全和代码审计相关资料收集 resource collection of python security and code review
Security_Codes
安全开发代码归档:包括但不限于渗透测试,资产收集,大规模漏洞扫描器,网络安全相关资料文档与工具整理
maven-dependency-tree-parser
This library contains a set of parsers that parse the output of the maven command "mvn dependency:tree", and a set of utilities to create HTML representations of the parsed tree.
go-tools
Staticcheck – a collection of static analysis tools for working with Go code
Go-SCP
Go programming language secure coding practices guide
piof-iast
PHP Open Iast Agent
jvm-sandbox-repeater
A Java server-side recording and playback solution based on JVM-Sandbox
spoon-examples
Examples on how to use the Spoon Java source code transformation library
depends
Depends is a fast, comprehensive code dependency analysis tool
IncA
Incremental Program Analysis Framework
sonar-java-custom-rules
sonar自定义插件开发(基于阿里开发手册)
pyre-security-configs
A repository to contain source/sink definitions for Pyre to use
vulnerability-assessment-tool
Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://sap.github.io/vulnerability-assessment-tool/
tutorials
The "REST With Spring" Course:
sentinel
Automated security testing framework for web applications
dependency-finder
A suite of tools for analyzing compiled Java code.
bblfshd
A self-hosted server for source code parsing