An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts. - hardik05/Damn_Vulnerable_C_Program

A set of vulnerable C code snippets (with mapped CVEs) - conikeec/seeve

This C program has been deliberately backdoored with several memory corruption bugs to test the efficacy of fuzzers and other analysis tools. Each vulnerability is clearly commented in fuzzgoat.c. Under input-files/ are files to trigger each ...

A reference Git repository to demonstrate vulnerable C and C++ patterns in code - lirantal/vulnerable-c-and-cpp

A C/C++ Code Vulnerability Dataset with Code Changes and CVE Summaries - ZeoVan/MSR_20_Code_vulnerability_CSV_Dataset

Tarpit-C is a collection of code snippets that mimic common vulnerable conditions found in C/C++ code such as buffer overflow, integer overflow, use-after-free, double free, underflows etc. The code snippets are generally not meant to compile.

An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts. - Damn_Vulnerable_C_Program/imgRead.c at master · hardik05/Damn_Vulnerable_C_Program

Source Code Vulnerability Detection Tools（SCVDT）provides a vulnerable code database, vulnerability detection service for Java and C/C++ programs, and other security service. - CGCL-codes/SCVDT

A reference Git repository to demonstrate vulnerable C and C++ patterns in code - lirantal/vulnerable-c-and-cpp

This is an in depth exploration of buffer overflow attacks in vulnerable C/C++ programs. All programs are run in a 32-bit machine with Debian GNU/Linux 7.8. It's important to note that Address space layout randomization is disabled.

I want to practice some C/C++ vulnerabilities that are based on real world problems, or mimic them. Give me a code snippet with one of these vulnerability problems: * Out-of-bound READ * Out-of-bound WRITE * Any buffer overflows * Use after free * Memroy leak * Off by one problems * Integer overflow * Integer underflow * Type confusion Make the problem real and kind of challenging for me.

A reference Git repository to demonstrate vulnerable C and C++ patterns in code - lirantal/vulnerable-c-and-cpp

This repository holds five datasets that list existing Buffer Overflow vulnerabilities in more than 10000 source code files written in C. Particularly, it is suitable for extracting features and creating training datasets for Machine Learning.

A small collection of vulnerable code snippets . Contribute to snoopysecurity/Broken-Vulnerable-Code-Snippets development by creating an account on GitHub.

This is an example buffer overflow attack on a small vulnerable C program. - npapernot/buffer-overflow-attack

Database of "VulDeePecker: A Deep ... two types of vulnerabilities in C/C++ programs, buffer error vulnerability (CWE-119) and resource management error vulnerability (CWE-399)....

Specifically, we propose a novel idea that can efficiently convert the source code of a function into an image while preserving the program details. We implement VulCNN and evaluate it on a dataset of 13,687 vulnerable functions and 26,970 non-vulnerable functions.

Code examples for the talk Secure Coding Practices in C++ - patricia-gallardo/insecure-coding-examples

const char Usage[94] = "Usage: %s [port_number]\n\nIf no port number is provided, the default port of %s will be used.\n"; ... printf("\nThis is vulnerable software!\nDo not allow access from untrusted systems or networks!\n\n");

We collected a large C/C++ code vulnerability dataset from open-source Github projects, namely Big-Vul. We crawled the public Common Vulnerabilities and Exposures (CVE) database and CVE-related source code repositories. Specifically, we collected the descriptive information of the vulnerabilities from the CVE database, e.g., CVE IDs, CVE severity scores, and CVE summaries.