taint-analysis

There are 40 repositories under taint-analysis topic.

facebook / pyre-check
Performant type-checking for python.
python typechecker type-check static-analysis ocaml code-quality abstract-interpretation security program-analysis taint-analysis control-flow-analysis
Language:OCaml 6691
vimeo / psalm
A static analysis tool for finding errors in PHP applications
static-analysis php type-inference security-analysis taint-analysis hacktoberfest
Language:PHP 5434
JonathanSalwan / Triton
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
binary-analysis binary-translation deobfuscation dynamic-analysis emulator instruction-semantics lifter program-analysis reverse-engineering symbolic-execution taint-analysis
Language:C++ 3303
find-sec-bugs
find-sec-bugs / find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
bytecode code-analysis cwe findbugs hacktoberfest java owasp security security-audit static-analysis taint-analysis
Language:Java 2203
python-security / pyt
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
pyt control-flow-graph static-analysis python python3 security static-code-analysis program-analysis fixed-point fixed-point-analysis dataflow dataflow-analysis taint taint-analysis abstract-syntax-tree abstract-syntax flask
Language:Python 2167
BinaryAnalysisPlatform / bap
Binary Analysis Platform
arm bap binary-analysis disassembler dynamic-analysis emulator instruction-semantics lifter mips ocaml powerpc program-analysis program-verification reverse-engineering security static-analysis symbolic-execution taint-analysis x86
Language:OCaml 1975
airbus-seclab / bincat
Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free detection
ida-plugin taint-analysis reverse-engineering disassembly
Language:OCaml 1613
pascal-lab / Tai-e
An easy-to-learn/use static analysis framework for Java
call-graph java security static-analysis taint-analysis
Language:Java 1241
AngoraFuzzer / Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
fuzzing security fuzzer afl symbolic-execution taint-analysis data-flow-analysis
Language:C++ 909
decaf-project / DECAF
DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
binary-analysis taint-analysis
Language:C 788
JonathanSalwan / Tigress_protection
Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.
deobfuscation tigress tigress-protections triton symbolic-execution llvm reverse-engineering taint-analysis solution-tigress-challenge
Language:LLVM 777
trailofbits / polytracker
An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.
llvm instrumentation taint-analysis taint-tracking dataflow-analysis
Language:C++ 497
SourceCode-AI / aura
Python source code auditing and static analysis on a large scale
python security-audit static-analysis taint-analysis
Language:Python 484
BytecodeDL / ByteCodeDL
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
static-analysis security-tools sast points-to-analysis taint-analysis
Language:Shell 307
wmkhoo / taintgrind
A taint-tracking plugin for the Valgrind memory checking tool
valgrind c taint-analysis
Language:C 241
AngoraFuzzer / libdft64
libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
angora dynamic-analysis fuzzing libdft security taint taint-analysis taint-tracking
Language:C++ 227
Feysh-Group / corax-community
Corax for Java: A general static analysis framework for java code checking.
abstract-interpretation code-analysis cwe flowdroid java owasp program-analysis sarif sast security security-audit software-analysis soot static-analysis static-code-analysis taint-analysis vulnerability
Language:Kotlin 198
SVF-tools / Teaching-Software-Analysis
Teaching and Learning Software Analysis via SVF
software-analysis static-analysis information-flow taint-analysis course points-to-analysis
Language:C++ 178
GlacierW / MBA
Malware Behavior Analyzer
malware qemu sandbox virtual-machine-introspection forensics taint-analysis program-analysis dynamic-binary-analysis
Language:C 155
fdu-sec / NestFuzz
A structure-aware grey box fuzzer based on modeling the input processing logic.
fuzzing structure-aware-fuzzing taint-analysis
Language:C++ 140
feliam / klee-taint
KLEE-TAINT - Klee with taint analysis support
symbolic-execution taint-analysis klee llvm
Language:C++ 71
OSUSecLab / TaintMini
Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis
mini-programs taint-analysis empirical-study privacy-leakage security
Language:Python 67
akwick / gotcha
Go Taint CHeck Analyser
golang static-analysis taint-analysis static-code-analysis dataflow gotcha
Language:Go 43
nuprl / augur
Performant taint analysis for Node.js
graaljs javascript nodejs nodeprof taint-analysis
Language:JavaScript 42
decaf-project / Droidscope
A dynamic analysis platform for Android
android dynamic-analysis taint-analysis
Language:C++ 40
vanhauser-thc / dynTaintTracer
a taint tracer based on DynamoRIO, currently ARM only
taint-analysis taint-tracking tainting taint dynamorio dynamorio-client reverse-engineering arm
Language:C 40
brainsmoke / minemu
Minemu is a minimal emulator for dynamic taint analysis ( this is a mirror of https://minemu.org/code/minemu.git )
security data-flow-tracker taint-analysis jit-compiler mitigation dynamic-analysis x86
Language:C 38
agustingianni / instrumentation
Assorted pintools
instrumentation pintool pin dynamic binary taint-analysis taint coverage code-coverage binary-analysis program-analysis
Language:C++ 30
Dynamic-Rabbits / Taint-Evaluator
A suite of experiments for evaluating open-source binary taint trackers.
taint-analysis binary-analysis evaluation-framework benchmarks taint-tracking
Language:Shell 30
teambi0s / secREtary
The Reverse Engineering Assistant of your dreams
reverse-engineering re taint-analysis
Language:C++ 29
mimicji / FlowMatrix
FLOWMATRIX: GPU-Assisted Information-Flow Analysis through Matrix-Based Representation, USENIX Security'22
dataflow-analysis program-analysis security-tools taint-analysis taint-tracking usenix-security-2022 binary-analysis
Language:C++ 27
Colton1skees / WinTTD
Reverse engineered API for Microsoft's Time Travel Debugger
dynamic-analysis binary-instrumentation taint-analysis reverse-engineering binary-analysis program-analysis
Language:C++ 26
cokeBeer / goot
a dataflow analysis framework implemented in Go, like soot
analysis-framework go static-analysis taint-analysis taint-tracking vulnerability-detection
Language:Go 25
DhavalKapil / stack-guard
A toy implementation of 'Stack Guard' on top of the LLVM compiler toolchain
clang llvm stack taint-analysis
Language:C++ 24
wikimedia / mediawiki-tools-phan-SecurityCheckPlugin
Mirror of https://gerrit.wikimedia.org/g/mediawiki/tools/phan/SecurityCheckPlugin See https://www.mediawiki.org/wiki/Developer_access for contributing
phan security-audit static-analysis taint-analysis
Language:PHP 24
Dynamic-Rabbits / Dynamic-Rabbits
taint-analysis binary-analysis dynamorio dynamic-rabbits
Language:C 19