The group has made available a number of software tools that can be also found in the individual research activities.

• LastPyMie (A tool for identifying the differences between build artifacts of PyPI packages and the respective source code repository) is available on Github. The paper appears on ESEC/FSE'21.
• R-code (zip file) to generate the case controlled study for vulnerability exploitation is available for sharing. The paper appears in ACM TISSEC. The datasets are also available.
• TestREx (a Testbed for Repeatable Exploits) is available on GitHub. Instructions on how to use are available on our wiki. The paper appears on USENIX CSET'14.
• MalwareLab scripts for experimenting with exploit kits described in our malware_analysis are available for download (ZIP). The paper appears in Usenix CSET 2013. An additional archive with historical releases of Mozilla Firefox, Opera Browser, Adobe Flash and Adobe Reader is also available for sharing. You can follow the guidelines here to request it.
• The Web-service for Autonomic Interactive Authorization is available as open source. The paper appears in ACM TAAS.

• As a result of our research on Securing Access to Cloud Storage, we have developed a prototype for securing data, as well as access control policies in outsourced environments. To get the source code, please contact Muhammad Rizwan Asghar.
• We released the binaries of the SxC verifier for Java Card (the developer version for PC). It is a result of our work on applying the Security-by-Contract paradigm to Java smart cards (check out Security-by-Contract for Mobiles and Smart Cards for more details). To get the binaries please contact Fabio Massacci or Olga Gadyatskayaname.surname@unitn.it
• UNICORN: modeling and reasoning on the uncertainty of requirements evolutions. It is a result of our research on Security Requirements Engineering