sslab-gatech / Apisan
APISan: Sanitizing API Usages through Semantic Cross-Checking
Stars: ✭ 46
Projects that are alternatives of or similar to Apisan
Bap
Binary Analysis Platform
Stars: ✭ 1,385 (+2910.87%)
Mutual labels: static-analysis, symbolic-execution
SixtyPical
A 6502-oriented low-level programming language supporting advanced static analysis
Stars: ✭ 25 (-45.65%)
Mutual labels: static-analysis, symbolic-execution
Sys
Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code
Stars: ✭ 149 (+223.91%)
Mutual labels: static-analysis, symbolic-execution
crusher
No description or website provided.
Stars: ✭ 21 (-54.35%)
Mutual labels: static-analysis, symbolic-execution
UTBotCpp
Tool that generates unit test by C/C++ source code, trying to reach all branches and maximize code coverage
Stars: ✭ 59 (+28.26%)
Mutual labels: static-analysis, symbolic-execution
Crosshair
An analysis tool for Python that blurs the line between testing and type systems.
Stars: ✭ 586 (+1173.91%)
Mutual labels: static-analysis, symbolic-execution
Cfn nag
Linting tool for CloudFormation templates
Stars: ✭ 808 (+1656.52%)
Mutual labels: static-analysis
Befa Library
High-level library for executable binary file analysis
Stars: ✭ 12 (-73.91%)
Mutual labels: static-analysis
Sonar Java
☕️ SonarSource Static Analyzer for Java Code Quality and Security
Stars: ✭ 745 (+1519.57%)
Mutual labels: static-analysis
Php Language Server
PHP Implementation of the VS Code Language Server Protocol 🆚↔🖥
Stars: ✭ 1,019 (+2115.22%)
Mutual labels: static-analysis
Cryptoanalysis
CogniCrypt_SAST: CrySL-to-Static Analysis Compiler
Stars: ✭ 36 (-21.74%)
Mutual labels: static-analysis
Phpqa
Docker image that provides static analysis tools for PHP
Stars: ✭ 853 (+1754.35%)
Mutual labels: static-analysis
Dagda
a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Stars: ✭ 820 (+1682.61%)
Mutual labels: static-analysis
Cfmt
cfmt is a tool to wrap Go comments over a certain length to a new line.
Stars: ✭ 28 (-39.13%)
Mutual labels: static-analysis
Awesome Go Linters
A curated list of awesome Go linters. More than 60 linters and tools!
Stars: ✭ 801 (+1641.3%)
Mutual labels: static-analysis
Clair
Vulnerability Static Analysis for Containers
Stars: ✭ 8,356 (+18065.22%)
Mutual labels: static-analysis
Sonarondocker
🐳 📡 Docker way of running SonarQube + any DB
Stars: ✭ 25 (-45.65%)
Mutual labels: static-analysis
APISan: Sanitizing API Usages through Semantic Cross-Checking
Environments
- Tested in Ubuntu 14.04
- Setup
$ ./setup.sh
- How to build symbolic database
$ apisan build [cmds]
- Run './configure'
$ apisan build ./configure
$ apisan build make
- How to run a checker
$ apisan check --db=[db] --checker=[checker]
- Example
$ cd test/return-value
$ ../../apisan build make
$ ../../apisan check --checker=rvchk
Checkers (under analyzer/apisan/check)
- Return value checker: retval.py
- Argument checker: argument.py
- Causality checker: causality.py
- Condition checker: condition.py
- Integer overflow checker: intovfl.py
- Format string bug checker: fsb.py
Authors
- Insu Yun [email protected]
- Changwoo Min [email protected]
- Xujie Si [email protected]
- Yeongjin Jang [email protected]
- Taesoo Kim [email protected]
- Mayur Naik [email protected]
Publications
@inproceedings{yun:apisan,
title = {{APISan: Sanitizing API Usages through Semantic Cross-checking}},
author = {Insu Yun and Changwoo Min and Xujie Si and Yeongjin Jang and Taesoo Kim and Mayur Naik},
booktitle = {Proceedings of the 25th USENIX Security Symposium (Security)},
month = aug,
year = 2016,
address = {Austin, TX},
}
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].