Secure Software Engineering Group at Paderborn University and Fraunhofer IEM

phasar

A LLVM-based static analysis framework.

c cpp llvm static-analysis program-analysis data-flow-analysis

C++ 67 421 8 (1 issue needs help) 1 Updated Aug 10, 2020

FlowDroid

FlowDroid Static Data Flow Tracker

static-analysis flowdroid data-flow-tracker

Java LGPL-2.1 141 368 91 1 Updated Aug 6, 2020

achilles-benchmark-depscanners

Achilles - Benchmark for assessing OSS-Vulnerability Scanners 59

Java 0 0 0 6 Updated Jul 19, 2020

swan

Security methods for WeAkNess detection

Java BSD-3-Clause 4 6 19 1 Updated Jul 1, 2020

authcheck

Analysis for access-control vulnerabilities in Java Spring Security applications.

java security authentication authorization springframework access-control soot

JavaScript MIT 3 8 0 2 Updated Jul 1, 2020

COVA

COVA - A static analysis tool to compute path conditions

Python LGPL-2.1 2 13 0 0 Updated Jun 18, 2020

SAGuidelines

MIT 0 0 0 0 Updated Mar 12, 2020

mudarri

Source code of the Mudarri IntelliJ plugin, using rule graphs

Java Apache-2.0 2 0 0 0 Updated Dec 24, 2019

FalseCrypt

Java 1 0 0 0 Updated Dec 10, 2019

boomerang

Boomerang is a on-demand context and flow-sensitive pointer analysis for Java.

Java LGPL-2.1 3 14 0 0 Updated Nov 29, 2019

sootdiff

SootDiff - Bytecode Comparison Across Different Java Compilers

Java MIT 2 7 0 0 Updated Sep 9, 2019

tamiflex

TamiFlex facilitates static analysis of programs that use reflection and custom class loaders

Java 9 28 5 1 Updated Aug 19, 2019

CryptoAnalysis

Forked from CROSSINGTUD/CryptoAnalysis

CryptoAnalysis fork for the Testify project

Java EPL-2.0 25 1 0 0 Updated Aug 7, 2019

Jimple-Interpreter

Soot based Jimple interpreter

Java Apache-2.0 1 4 0 0 Updated Aug 5, 2019

visuflow

VisuFlow - An Eclipse plugin that helps static code developers in writing static analyses on top of Soot.

Java Apache-2.0 2 0 7 0 Updated Jul 29, 2019

DroidBench

A micro-benchmark suite to assess the stability of taint-analysis tools for Android

Java 86 189 11 4 Updated Mar 25, 2019

vulnerability-of-the-day

Forked from votd/vulnerability-of-the-day

A pedagogically-curated collection of vulnerability demonstrations for undergraduate software engineering students.

Java 8 4 0 0 Updated Mar 1, 2019

cilrep

JVM-based representation (and manipulation) of CIL bytecode

Java Apache-2.0 0 0 0 0 Updated Jan 29, 2019

modguard

Java LGPL-2.1 0 1 0 0 Updated Dec 8, 2018

SPDS-experiments

Java 1 3 0 0 Updated Oct 10, 2018

PointerBench

A points-to and alias analysis benchmark suite

Java 2 12 1 0 Updated Sep 24, 2018

opcua-scanner

An opcua client scanning for servers in a network

Java 2 6 0 0 Updated Jul 26, 2018

soot-panathon

Soot Fork for the ISSTA2018 Panathon

Java LGPL-2.1 0 0 0 0 Updated Jul 12, 2018

cheetah

Eclipse plugin for a JIT taint analysis

Java EPL-1.0 6 5 0 0 Updated Jul 4, 2018

soot-infoflow-android

Android-specific components of FlowDroid

Java LGPL-2.1 161 255 77 0 Updated Apr 12, 2018

ideal

IDE/AL - Alias-Aware Framework for Interprocedural Dataflow Analysis

Java LGPL-2.1 4 5 0 0 Updated Mar 10, 2018

mic9bench

Java GPL-3.0 0 0 0 0 Updated Mar 8, 2018

soot-infoflow-summaries

Library summaries for FlowDroid

Java LGPL-2.1 10 4 1 0 Updated Jan 16, 2018

soot-infoflow

Data flow tracking components for Java

Java LGPL-2.1 92 92 16 1 Updated Jan 16, 2018

TS4J

A fluent interface for defining and computing typestate analyses

java static-analysis fluent-interface dataflow-analysis

Java BSD-2-Clause 0 0 0 0 Updated Nov 2, 2017