David Hauzar
Jan Kofroň
2012
On Security Analysis of PHP Web Applications
STPSA 2012
IEEE
577–582
10.1109/COMPSACW.2012.106
David Hauzar
Jan Kofroň
2014
Weverca
http://d3s.mff.cuni.cz/projects/formal_methods/weverca/
Dongseok Jang
Kwang-Moo Choe
2009
Points-to analysis for JavaScript
SAC '09
ACM
New York, NY, USA
1930–1937
10.1145/1529282.1529711
N. Jovanovic
C. Kruegel
E. Kirda
2006
Pixy: a static analysis tool for detecting Web application vulnerabilities
S&P'06
IEEE
10.1109/SP.2006.29
Etienne Kneuss
Philippe Suter
Viktor Kuncak
2010
Runtime Instrumentation for Precise Flow-Sensitive Type Analysis
RV
300–314
10.1007/978-3-642-16612-9_23
Benjamin Livshits
Stephen Chong
2013
Towards Fully Automatic Placement of Security Sanitizers and Declassifiers
POPL '13
ACM
New York, NY, USA
385–398
10.1145/2429069.2429115
Flemming Nielson
Hanne R. Nielson
Chris Hankin
1999
Principles of Program Analysis
Springer-Verlag New York, Inc.
Secaucus, NJ, USA
10.1007/978-3-662-03811-6
Max Schäfer
Manu Sridharan
Julian Dolby
Frank Tip
2013
Dynamic Determinacy Analysis
PLDI '13
ACM
New York, NY, USA
165–174
10.1145/2499370.2462168
Manu Sridharan
2011
F4F: Taint Analysis of Framework-based Web Applications
OOPSLA '11
ACM
New York, NY, USA
1053–1068
10.1145/2048066.2048145
Manu Sridharan
2012
Correlation Tracking for Points-to Analysis of Javascript
ECOOP'12
Springer-Verlag
Berlin, Heidelberg
435–458
10.1007/978-3-642-31057-7_20
Omer Tripp
2009
TAJ: Effective Taint Analysis of Web Applications
PLDI '09
ACM
New York, NY, USA
87–97
10.1145/1542476.1542486
Omer Tripp
2013
ANDROMEDA: Accurate and Scalable Security Analysis of Web Applications
FASE'13
Springer-Verlag
Berlin, Heidelberg
210–225
10.1007/978-3-642-37057-1_15
Shiyi Wei
Barbara G. Ryder
2013
Practical Blended Taint Analysis for JavaScript
ISSTA 2013
ACM
New York, NY, USA
336–346
10.1145/2483760.2483788
Fang Yu
Muath Alkhalaf
Tevfik Bultan
2010
Stranger: An automata-based string analysis tool for PHP
TACAS'10
10.1007/978-3-642-12002-2_13