Skip to content

@secure-software-engineering Secure Software Engineering Group at Paderborn University and Fraunhofer IEM

Change the repository type filter

All

    Repositories list

    65 repositories

    • Boomerang

      Public
      Demand-Driven Pointer Analysis
      Java
      Eclipse Public License 2.0
      613102Updated Jun 5, 2025Jun 5, 2025

    • upcy

      Public
      UpCy automatically finds compatible updates for Maven dependencies.
      Java
      Apache License 2.0
      1910Updated Jun 3, 2025Jun 3, 2025

    • phasar

      Public
      A LLVM-based static analysis framework.
      ccppllvmstatic-analysisprogram-analysisdata-flow-analysis
      C++
      Other
      1479873711Updated May 31, 2025May 31, 2025

    • FlowDroid

      Public
      FlowDroid Static Data Flow Tracker
      static-analysisflowdroiddata-flow-tracker
      Java
      GNU Lesser General Public License v2.1
      3061.1k2351Updated May 28, 2025May 28, 2025

    • fuzzing_taxonomy

      Public
      JavaScript
      0000Updated May 27, 2025May 27, 2025

    • PathExpression

      Public
      An implementation of Tarjan's PathExpression algorithm
      Java
      Eclipse Public License 2.0
      2610Updated May 19, 2025May 19, 2025

    • TypeEvalPy

      Public
      A Micro-benchmarking Framework for Python Type Inference Tools
      pythonbenchmarkstaticanalysistypeinference
      Python
      23410Updated May 9, 2025May 9, 2025

    • secucheck-core

      Public
      Taint Analysis on top of Soot.
      Java
      MIT License
      31111Updated Apr 22, 2025Apr 22, 2025

    • SparseBoomerang

      Public
      Sparse Demand-Driven Pointer Analysis
      Java
      Eclipse Public License 2.0
      6200Updated Mar 10, 2025Mar 10, 2025

    • swan

      Public
      Security methods for WeAkNess detection
      Java
      BSD 3-Clause "New" or "Revised" License
      720194Updated Feb 27, 2025Feb 27, 2025

    • QCG

      Public
      Qilin: A New Framework for Supporting Fine-Grained Context-Sensitivity in Java Pointer Analysis
      Java
      GNU Lesser General Public License v2.1
      33000Updated Feb 25, 2025Feb 25, 2025

    • secucheck-catalog

      Public
      3000Updated Jan 30, 2025Jan 30, 2025

    • secucheck

      Public
      Soot-based taint analysis with internal Java fluent interface for security specifications in fluentTQL implemented with MagpieBridge to support multiple IDEs.
      Java
      MIT License
      71760Updated Jan 30, 2025Jan 30, 2025

    • HeaderGen

      Public
      HeaderGen annotates Jupyter notebooks using static analysis. Improves PyCG's call graph analysis by supporting external libraries and flow-sensitivity.
      pythonstatic-analysisjupyter-notebookcall-graph-analysis
      Jupyter Notebook
      11411Updated Jan 30, 2025Jan 30, 2025

    • SWARM-CG

      Public
      Swiss Army Knife of Call Graph Micro-Benchmark
      Python
      1310Updated Jan 28, 2025Jan 28, 2025

    • achilles-benchmark-depscanners

      Public
      Achilles - Benchmark for assessing OSS-Vulnerability Scanners 59
      Java
      GNU Lesser General Public License v3.0
      48011Updated Nov 26, 2024Nov 26, 2024

    • paper-idesolverxx

      Public
      Supplementary website for the paper "Scaling Interprocedural Static Data-Flow Analysis to Large C/C++ Applications"
      HTML
      0200Updated Jul 30, 2024Jul 30, 2024

    • neck

      Public
      C++
      MIT License
      3300Updated Jul 15, 2024Jul 15, 2024

    • sootdiff

      Public
      SootDiff - Bytecode Comparison Across Different Java Compilers
      Java
      MIT License
      41811Updated May 24, 2024May 24, 2024

    • avighna

      Public
      Java
      0000Updated Mar 15, 2024Mar 15, 2024

    • FalseCrypt

      Public
      Java
      1000Updated Mar 14, 2024Mar 14, 2024

    • SparseIDE

      Public
      Sparse IDE/IFDS solver and client implementation
      GNU Lesser General Public License v2.1
      1200Updated Jan 29, 2024Jan 29, 2024

    • modguard

      Public
      Java
      GNU Lesser General Public License v2.1
      0100Updated Jun 16, 2023Jun 16, 2023

    • SootFX

      Public
      A Static Code Feature Extraction Tool for Java and Android
      Java
      GNU Lesser General Public License v2.1
      42000Updated Jun 7, 2023Jun 7, 2023

    • DroidBench

      Public
      A micro-benchmark suite to assess the stability of taint-analysis tools for Android
      Java
      115280126Updated Apr 17, 2023Apr 17, 2023

    • COVA

      Public
      COVA - A static analysis tool to compute path conditions
      Python
      GNU Lesser General Public License v2.1
      83611Updated Nov 16, 2022Nov 16, 2022

    • authcheck

      Public
      Analysis for access-control vulnerabilities in Java Spring Security applications.
      javasecurityauthenticationauthorizationspringframeworkaccess-controlsoot
      JavaScript
      MIT License
      31402Updated May 25, 2022May 25, 2022

    • spring-petclinic-kotlin

      Public
      Vulnerable version of the Spring PetClinic application in Kotlin
      Kotlin
      Apache License 2.0
      1200Updated May 19, 2022May 19, 2022

    • CogniCrypt-CI-Integration

      Public
      This repository contains code for a Jenkins adaptor for CogniCrypt which is based on warnings-ng-plugin https://github.com/jenkinsci/warnings-ng-plugin
      Java
      MIT License
      1051Updated Mar 21, 2022Mar 21, 2022

    • opcua-scanner

      Public
      An opcua client scanning for servers in a network
      Java
      3900Updated Dec 16, 2021Dec 16, 2021