Finding potential software vulnerabilities from git commit messages
#Awesome#An ever-growing list of resources for data-driven vulnerability assessment and prioritization
Vulnerability Information Aggregator for CVEs
Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.
Revisiting Graph Neural Networks for Vulnerability Detection (ICSE 2022) (Pytorch)
Automated privilege escalation of the world's most popular Docker images.
IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.
#计算机科学#Reproduction package of the paper "DeepCVA: Automated Commit-level Vulnerability Assessment with Deep Multi-task Learning" in Automated Software Engineering (ASE) 2021
Threat modeling of an open-source VPN Client - OpenConnect using Microsoft Threat Modeling Tool
Reproduction package for the paper "A Large-scale Study of Security Vulnerability Support on Developer Q&A Websites" in the Evaluation and Assessment in Software Engineering (EASE) 2021
The compilation of demos and proof of concepts of vulnerability exploits of SSL/TLS protocol and related libraries
Security in the context of Software-Source code analysis, Buffer Overflow and Web Security