Inspector J is a Java bytecodes parser to find side channels flaws.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


InspectorJ is a tool that combines static flow analyses with dynamic checks in Java programs to automatically detect security vulnerabilities. The tool is able to handle subtyping polymorphism and is able to detect timing and command injection attacks. Also, the tool inserts instrumentation in Java programs to prevent the execution of unsafe parts of the code. To this end, we use the Soot framework for code analysis and optimization.