Data

Tools

Indexes

Applications

Experiments

Open Source Science

securibench-micro.js

A Securibench Micro inspired program analysis benchmark for server-side JavaScript

https://github.com/davidbakereffendi/securibench-micro.js

Science Score: 44.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (6.0%) to scientific vocabulary

Keywords

dynamic-analysis javascript securibench-micro static-analysis
Last synced: 6 months ago · JSON representation ·

Repository

A Securibench Micro inspired program analysis benchmark for server-side JavaScript

Basic Info
  • Host: GitHub
  • Owner: DavidBakerEffendi
  • License: apache-2.0
  • Language: JavaScript
  • Default Branch: main
  • Homepage:
  • Size: 9.43 MB
Statistics
  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • Open Issues: 0
  • Releases: 5
Topics
dynamic-analysis javascript securibench-micro static-analysis
Created over 1 year ago · Last pushed about 1 year ago
Metadata Files
Readme License Citation

README.md

SecuribenchMicro.js

A Securibench Micro v1.08 inspired program analysis benchmark for server-side JavaScript. This uses Express.js as the server-side framework.

All test cases can be found under test-cases and each test case endpoint matches the directory structure, e.g., test-cases/aliasing/1.js can be pinged at localhost:3000/aliasing/1.

To start:

npm install npm start

lib.js should be considered "external" as any other library found in node_modules. It is meant to mock many of the Java built-in classes that are tested against in the original Securibench Micro benchmark.

Test Cases

| Category | Count | | -------------- | ----- | | aliasing | 6 | | arrays | 10 | | basic | 40 | | datastructures | 6 | | factories | 3 | | inter | 14 | | pred | 9 | | reflection | 4 | | sanitizers | 6 | | session | 3 | | strong_updates | 5 |

Disclaimer: This repository attempts to recreate the original in JavaScript in the most idiomatic way possible, however, some tests do not have comparable versions, e.g., collections. Other tests may simplify to effectively the same as others, thus these duplicates are also omitted. Some typos and incorrect vulnerability counts are fixed and verifiable by running the app. Notable changes:

  • Aliasing 3 is marked as non-vulnerable
  • Basic 24 was missing its "BAD" comment
  • Datastructures1 is marked as vulnerable

Owner

  • Name: David Baker Effendi
  • Login: DavidBakerEffendi
  • Kind: user
  • Location: Stellenbosch

PhD Candidate: Computer Science @ Stellenbosch University.

Citation (CITATION.cff) 

cff-version: 1.2.0
message: >
  If you use this software, please cite it as below.
title: "SecuribenchMicro.js"
authors:
  - family-names: Baker Effendi
    given-names: Sedick David
    name: Sedick David Baker Effendi
    orcid: https://orcid.org/0000-0002-4942-626X
date-released: 2024-11-19
# version: 1.0.0
repository-code: https://github.com/DavidBakerEffendi/securibench-micro.js
keywords:
  - Node.js
  - JavaScript
  - Security
  - Benchmarks
  - Micro Benchmarks
  - Static Analysis
  - Dynamic Analysis
abstract: >
  This repository is a JavaScript/Node.js adaptation of the Securibench Micro project,
  designed for testing and analyzing security vulnerabilities in small code snippets.
license: Apache 2.0

GitHub Events

Total
  • Release event: 5
  • Delete event: 1
  • Push event: 23
  • Pull request event: 2
  • Create event: 7
Last Year
  • Release event: 5
  • Delete event: 1
  • Push event: 23
  • Pull request event: 2
  • Create event: 7

Issues and Pull Requests

Last synced: 11 months ago

All Time
  • Total issues: 0
  • Total pull requests: 1
  • Average time to close issues: N/A
  • Average time to close pull requests: less than a minute
  • Total issue authors: 0
  • Total pull request authors: 1
  • Average comments per issue: 0
  • Average comments per pull request: 0.0
  • Merged pull requests: 1
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 0
  • Pull requests: 1
  • Average time to close issues: N/A
  • Average time to close pull requests: less than a minute
  • Issue authors: 0
  • Pull request authors: 1
  • Average comments per issue: 0
  • Average comments per pull request: 0.0
  • Merged pull requests: 1
  • Bot issues: 0
  • Bot pull requests: 0
View more stats
Top Authors
Issue Authors
Pull Request Authors
  • DavidBakerEffendi (2)
Top Labels
Issue Labels
Pull Request Labels

Dependencies

package-lock.json npm
  • 122 dependencies
package.json npm
  • husky ^9.1.7 development
  • lint-staged ^15.2.10 development
  • prettier 3.3.3 development
  • express ^4.21.1