• S3

  • Referenced in 9 articles [sw19495]
  • symbolic string solver for vulnerability detection in web applications. Motivated by the vulnerability analysis...
  • VulDeePecker

  • Referenced in 3 articles [sw36365]
  • Deep Learning-Based System for Vulnerability Detection. The automatic detection of software vulnerabilities ... study of using deep learning-based vulnerability detection to relieve human experts from the tedious ... very different from the problem of vulnerability detection, we need some guiding principles for applying ... deep learning to vulnerability detection. In particular, we need to find representations of software programs...
  • Pixy

  • Referenced in 5 articles [sw25249]
  • static analysis tool for detecting web application vulnerabilities. The number and the importance ... applied to the detection of vulnerability types such as SQL injection, cross-site scripting ... concepts, is targeted at detecting cross-site scripting vulnerabilities in PHP scripts. Using our tool...
  • TAJ

  • Referenced in 7 articles [sw33114]
  • sensitive operations. Taint analysis can detect many common vulnerabilities in Web applications...
  • SmartCheck

  • Referenced in 2 articles [sw37692]
  • development in this field. Automated vulnerability detection tools, which help detect potentially problematic language constructs ... SmartCheck - an extensible static analysis tool that detects them1. SmartCheck translates Solidity source code into ... Solidity vulnerabilities and shows significant improvements over alternatives. SmartCheck has its limitations, as detection...
  • SwordDTA

  • Referenced in 1 article [sw17035]
  • dynamic taint analysis tool for software vulnerability detection. Software vulnerabilities are the root cause ... technique to detect software vulnerabilities, we present SwordDTA, a tool that can perform dynamic taint ... hardware. It can be used to detect software vulnerabilities with vulnerability modeling and taint check ... capable of detecting at least four kinds of software vulnerabilities including buffer overflow, integer overflow...
  • EIOD

  • Referenced in 1 article [sw10040]
  • Static integer overflow vulnerability detection in windows binary. In this paper, we present a static ... binary analysis based approach to detect integer overflow vulnerabilities in windows binary. We first translate ... alleviate the problem that static vulnerability detection has high false positive rate ... EIOD can effectively and efficiently detect integer overflow vulnerabilities...
  • ORA

  • Referenced in 5 articles [sw22485]
  • network analysis tool that detects risks or vulnerabilities of an organization’s design structure ... categorized by which type of risk they detect. Measures are also organized by input requirements...
  • MulVAL

  • Referenced in 8 articles [sw17743]
  • bugs reported in OVAL, a formal vulnerability definition language. We tested our tool ... users. The tool detected a policy violation caused by software vulnerabilities and the system administrators...
  • ASPIER

  • Referenced in 6 articles [sw09852]
  • context of OpenSSL verification. ASPIER detected the ”version-rollback” vulnerability in OpenSSL 0.9.6c source...
  • CSSV

  • Referenced in 20 articles [sw13701]
  • CSSV: Towards a realistic tool for statically detecting all buffer overflows in C. Erroneous string ... software defects in C programs yielding vulnerabilities which are exploited by software viruses. We present...
  • SonarQube

  • Referenced in 2 articles [sw40671]
  • automatic code review tool to detect bugs, vulnerabilities, and code smells in your code...
  • Slither

  • Referenced in 1 article [sw37688]
  • four main use cases: (1) automated detection of vulnerabilities, (2) automated detection of code optimization...
  • Mythril

  • Referenced in 1 article [sw37686]
  • analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum ... taint analysis to detect a variety of security vulnerabilities. It’s also used (in combination...
  • NFIDS

  • Referenced in 1 article [sw34890]
  • NFIDS: a neuro-fuzzy intrusion detection system. Heavy reliance on the Internet and worldwide connectivity ... build a system with no vulnerabilities, intrusion detection has become an important area of research...
  • BackFlow

  • Referenced in 1 article [sw34336]
  • analyses have been widely applied to detect injection vulnerabilities in real world software. A main...
  • Taintscope

  • Referenced in 0 articles [sw23360]
  • Directed Fuzzing Tool for Automatic Software Vulnerability Detection. Fuzz testing has proven successful in finding ... trigger potential vulnerabilities. 3) TaintScope is fully automatic, from detecting checksum, directed fuzzing, to repairing ... TaintScope has already found 27 previously unknown vulnerabilities in several widely used applications, including Adobe...
  • LIFT

  • Referenced in 3 articles [sw20596]
  • System for Detecting Security Attacks. Computer security is severely threatened by software vulnerabilities. Prior work ... taint analysis) is a promising technique to detect a wide range of security attacks. However...
  • Retire.js

  • Referenced in 1 article [sw35856]
  • security fixes. ”Using Components with Known Vulnerabilities” is now a part of the OWASP ... help you detect use of version with known vulnerabilities. Retire.js has these parts: A command...
  • ABASH

  • Referenced in 2 articles [sw19236]
  • useful for detecting certain common program errors that may lead to security vulnerabilities. In experiments...