Skip to content

@secure-software-engineering Secure Software Engineering Group at Paderborn University and Fraunhofer IEM

Change the repository type filter

All

    Repositories list

    62 repositories

    • phasar

      Public
      A LLVM-based static analysis framework.
      ccppllvmstatic-analysisprogram-analysisdata-flow-analysis
      C++
      Other
      1429443211Updated Nov 29, 2024Nov 29, 2024

    • boomerang

      Public
      Boomerang is a on-demand context and flow-sensitive pointer analysis for Java.
      Java
      GNU Lesser General Public License v2.1
      62300Updated Nov 28, 2024Nov 28, 2024

    • TypeEvalPy

      Public
      A Micro-benchmarking Framework for Python Type Inference Tools
      pythonbenchmarkstaticanalysistypeinference
      Python
      23111Updated Nov 28, 2024Nov 28, 2024

    • achilles-benchmark-depscanners

      Public
      Achilles - Benchmark for assessing OSS-Vulnerability Scanners 59
      Java
      GNU Lesser General Public License v3.0
      47011Updated Nov 26, 2024Nov 26, 2024

    • SparseBoomerang

      Public
      Sparse Demand-Driven Pointer Analysis
      Java
      Eclipse Public License 2.0
      3420Updated Nov 26, 2024Nov 26, 2024

    • PathExpression

      Public
      An implementation of Tarjan's PathExpression algorithm
      Java
      Eclipse Public License 2.0
      2401Updated Nov 25, 2024Nov 25, 2024

    • SWARM-CG

      Public
      Swiss Army Knife of Call Graph Micro-Benchmark
      Python
      0100Updated Nov 23, 2024Nov 23, 2024

    • swan

      Public
      Security methods for WeAkNess detection
      Java
      BSD 3-Clause "New" or "Revised" License
      719194Updated Nov 22, 2024Nov 22, 2024

    • secucheck-catalog

      Public
      3000Updated Nov 21, 2024Nov 21, 2024

    • FlowDroid

      Public
      FlowDroid Static Data Flow Tracker
      static-analysisflowdroiddata-flow-tracker
      Java
      GNU Lesser General Public License v2.1
      3001.1k2281Updated Nov 21, 2024Nov 21, 2024

    • upcy

      Public
      UpCy automatically finds compatible updates for Maven dependencies.
      Java
      Apache License 2.0
      0710Updated Oct 20, 2024Oct 20, 2024

    • HeaderGen

      Public
      HeaderGen annotates Jupyter notebooks using static analysis. Improves PyCG's call graph analysis by supporting external libraries and flow-sensitivity.
      pythonstatic-analysisjupyter-notebookcall-graph-analysis
      Jupyter Notebook
      11311Updated Oct 18, 2024Oct 18, 2024

    • paper-idesolverxx

      Public
      Supplementary website for the paper "Scaling Interprocedural Static Data-Flow Analysis to Large C/C++ Applications"
      HTML
      0100Updated Jul 30, 2024Jul 30, 2024

    • neck

      Public
      C++
      MIT License
      3300Updated Jul 15, 2024Jul 15, 2024

    • secucheck-core

      Public
      Taint Analysis on top of Soot.
      Java
      MIT License
      31011Updated May 24, 2024May 24, 2024

    • sootdiff

      Public
      SootDiff - Bytecode Comparison Across Different Java Compilers
      Java
      MIT License
      41811Updated May 24, 2024May 24, 2024

    • secucheck

      Public
      Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to support multiple IDEs.
      Java
      MIT License
      71660Updated Mar 14, 2024Mar 14, 2024

    • FalseCrypt

      Public
      Java
      1000Updated Mar 14, 2024Mar 14, 2024

    • SparseIDE

      Public
      Sparse IDE/IFDS solver and client implementation
      GNU Lesser General Public License v2.1
      1100Updated Jan 29, 2024Jan 29, 2024

    • modguard

      Public
      Java
      GNU Lesser General Public License v2.1
      0100Updated Jun 16, 2023Jun 16, 2023

    • SootFX

      Public
      A Static Code Feature Extraction Tool for Java and Android
      Java
      GNU Lesser General Public License v2.1
      41900Updated Jun 7, 2023Jun 7, 2023

    • DroidBench

      Public
      A micro-benchmark suite to assess the stability of taint-analysis tools for Android
      Java
      114269126Updated Apr 17, 2023Apr 17, 2023

    • COVA

      Public
      COVA - A static analysis tool to compute path conditions
      Python
      GNU Lesser General Public License v2.1
      83211Updated Nov 16, 2022Nov 16, 2022

    • authcheck

      Public
      Analysis for access-control vulnerabilities in Java Spring Security applications.
      javasecurityauthenticationauthorizationspringframeworkaccess-controlsoot
      JavaScript
      MIT License
      51402Updated May 25, 2022May 25, 2022

    • spring-petclinic-kotlin

      Public
      Vulnerable version of the Spring PetClinic application in Kotlin
      Kotlin
      Apache License 2.0
      1200Updated May 19, 2022May 19, 2022

    • CogniCrypt-CI-Integration

      Public
      This repository contains code for a Jenkins adaptor for CogniCrypt which is based on warnings-ng-plugin https://github.com/jenkinsci/warnings-ng-plugin
      Java
      MIT License
      1051Updated Mar 21, 2022Mar 21, 2022

    • opcua-scanner

      Public
      An opcua client scanning for servers in a network
      Java
      3800Updated Dec 16, 2021Dec 16, 2021

    • z3

      Public
      The Z3 Theorem Prover
      C++
      Other
      1.5k000Updated Oct 25, 2021Oct 25, 2021

    • cards

      Public
      Component-based Assumptions and Restrictions for Dataflow Specifications
      javaeclipseeclipse-plugineclipse-siriusxtendxtextmodel-based
      Java
      MIT License
      0100Updated Jul 29, 2021Jul 29, 2021

    • jadx-taintdoc

      Public
      Jadx extended to ease documentation of taint flows
      Java
      Other
      1300Updated Jul 16, 2021Jul 16, 2021