The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

An easy-to-learn/use static analysis framework for Java

Utilize Tai-e to identify the Log4shell (a.k.a. CVE-2021-44228) Vulnerability

A prototype of an Interactive Application Security Testing System

Scaffolding project that uses Tai-e as a dependency.

WebTaint is a dynamic taint tracker created to secure Java-based web applications.

A java based framework for detecting SQL injection vulnerable sections within PHP code.

Personal Information Tracker (PIT) for Android Applications, Detecting Information Leaks from GUI Components (e.g., EditText, RadioButton, Spinner)

Policy Enforcement for Taint Droid

my customerized version of FlowDroid, which is used to control the time spent on path reconstruction ( this phase is such a time killer!) Branch develop is for my own project; Branch main is for creating PR. Now PR is in review. 这是我用于解决Flowdroid的Path Reconstruction部分耗时太久而产生的一个fork仓库，目前已提交PR审核。