Design and Implementation of an Ahead-of-Time Compiler for PHP, 2010. ,
Automated Security Review of PHP Web Applications with Static Code Analysis, 2010. ,
Static type inference for Ruby, Proceedings of the 2009 ACM symposium on Applied Computing, SAC '09, pp.1859-1866, 2009. ,
DOI : 10.1145/1529282.1529700
Profile-Guided Static Typing for Dynamic Scripting Languages, Proceedings of OOPSLA'09, pp.283-300, 2009. ,
PHP AiR: Analyzing PHP systems with Rascal, 2014 Software Evolution Week, IEEE Conference on Software Maintenance, Reengineering, and Reverse Engineering (CSMR-WCRE), pp.454-457, 2014. ,
DOI : 10.1109/CSMR-WCRE.2014.6747217
An empirical study of PHP feature usage: a static analysis perspective, Proceedings of the 2013 International Symposium on Software Testing and Analysis, ISSTA 2013, pp.325-335, 2013. ,
DOI : 10.1145/2483760.2483786
Securing web application code by static analysis and runtime protection, Proceedings of the 13th conference on World Wide Web , WWW '04, pp.40-52, 2004. ,
DOI : 10.1145/988672.988679
Precise alias analysis for static detection of web application vulnerabilities, Proceedings of the 2006 workshop on Programming languages and analysis for security , PLAS '06, pp.27-36, 2006. ,
DOI : 10.1145/1134744.1134751
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper) RASCAL: A Domain Specific Language for Source Code Analysis and Manipulation, IEEE Symposium on Security and Privacy Proceedings of SCAM'09, pp.258-263, 2006. ,
Eval Begone!: Semi-Automated Removal of Eval from JavaScript Programs, Proceedings of OOPSLA'12, pp.607-620, 2012. ,
URL : https://hal.archives-ouvertes.fr/hal-01009557
Static approximation of dynamically generated Web pages, Proceedings of the 14th international conference on World Wide Web , WWW '05, pp.432-441, 2005. ,
DOI : 10.1145/1060745.1060809
Reducing Dynamic Feature Usage in PHP Code, 2013. ,
The Eval That Men Do -A Large-Scale Study of the Use of Eval in JavaScript Applications, Proceedings of ECOOP'11, pp.52-78 ,
An Analysis of the Dynamic Behavior of JavaScript Programs, Proceedings of PLDI'10, pp.1-12, 2010. ,
Sound and Precise Analysis of Web Applications for Injection Vulnerabilities, Proceedings of PLDI'07, pp.32-41, 2007. ,
Static detection of cross-site scripting vulnerabilities, Proceedings of the 13th international conference on Software engineering , ICSE '08, pp.171-180, 2008. ,
DOI : 10.1145/1368088.1368112
The HipHop Compiler for PHP, Proceedings of OOPSLA'12, pp.575-586, 2012. ,