GitHub - CodeThreat/FlowBlot.NET: FlowBlot is static code analysis benchmark project by Codethreat, including sink-source challenges grouped into various technical analysis concepts.

SAST Benchmark Tool for Taint Analysis

FlowBlot.NET

About The Project

As a static code analysis development team, we asked ourselves the following questions

how well do we track “hacker sent input values” across a software?
how well do we perform when finding different types of security and quality bugs?

FlowBlot is static code analysis benchmark project by CodeThreat, including sink-source challenges grouped into various technical analysis concepts, implemented as a helper to answer the first question. It's paramountly important for a SAST tool to perform its best to answer this question in order to produce quality results. While other vulnerable applications like OWASP Benchmark, Juiceshop, DVWA etc. contain different vulnerabilities, FlowBlot contains various cases of data flow instances grouped by program analysis technicals and language-specific complexities. If we have to explain what FlowBlot does in terms of DAST tools, FlowBlot benchmarks their crawler components, quality of which are extremely critical for finding security issues.

README.md

SAST Benchmark Tool for Taint Analysis

FlowBlot.NET

About The Project

License

Contact

References

About

Contributors 3

Languages

License

CodeThreat/FlowBlot.NET

Sign In Required

Launching GitHub Desktop

Launching GitHub Desktop

Launching Xcode

Launching Visual Studio Code

Latest commit

Git stats

Files

About

Topics

Resources

License

Stars

Watchers

Forks

Languages