IEEE

CryptoAPI-Bench: A Comprehensive Benchmark on Java Cryptographic API Misuses

Abstract: Several studies showed that misuses of cryptographic APIs are common in real-world code (e.g., Apache projects and Android apps). There exist several open-sourced and commercial security ...
GitHub

tools-to-sign-files-and-check-signatures.md

CryptoAPI Tools are the following tools that you can use to sign files digitally, to confirm signatures on files, and to create catalog files. CryptoAPI Tools are the following tools that you can use ...
Bleeping Computer

How Malware Gains Trust by Abusing the Windows CryptoAPI Flaw

The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This ...
Hacker

MASC: A Tool for Mutation-Based Evaluation of Static Crypto-API Misuse Detectors

MASC is a user-friendly tool that uses mutation testing to evaluate crypto-detectors, discovering undocumented flaws and improving software security through an automated, customizable, and extensible ...
Hacker

Implementing MASC: A Flexible Tool for Crypto-API Misuse Detection

MASC is implemented with a modular structure to achieve flexibility, using configuration files for crypto-API parameters and mutation operators, automating evaluations with SARIF output, and providing ...
GitHub

API for cryptographic tools

API for cryptographic tools. Contribute to DrGregDoyle/CryptoAPI development by creating an account on GitHub.