Skip to content

Latest commit

 

History

History
68 lines (42 loc) · 2.91 KB

README.md

File metadata and controls

68 lines (42 loc) · 2.91 KB

SAST Benchmark Tool for Taint Analysis

Forks Stargazers Issues MIT License LinkedIn


Logo

FlowBlot.NET

About The Project

As a static code analysis development team, we asked ourselves the following questions

  • how well do we track “hacker sent input values” across a software?
  • how well do we perform when finding different types of security and quality bugs?

FlowBlot is static code analysis benchmark project by CodeThreat, including sink-source challenges grouped into various technical analysis concepts, implemented as a helper to answer the first question. It's paramountly important for a SAST tool to perform its best to answer this question in order to produce quality results. While other vulnerable applications like OWASP Benchmark, Juiceshop, DVWA etc. contain different vulnerabilities, FlowBlot contains various cases of data flow instances grouped by program analysis technicals and language-specific complexities. If we have to explain what FlowBlot does in terms of DAST tools, FlowBlot benchmarks their crawler components, quality of which are extremely critical for finding security issues.

License

Distributed under the GNU GPLv3 License.

Contact

CodeThreat Dev Team - @threatcode - [email protected]

References