This project develops security software components running on Kunpeng processors, specifically focusing on trusted computing related software components such as remote attestation client and service, etc.

MalNPMDetector 是一款专为 npm 软件包设计的恶意包检测系统。该系统采用高效的静态规则匹配，能够在大规模数据集中快速筛选出可疑的恶意包和混淆软件包。随后，通过基于字符串的污点分析进一步精确筛查，从初步筛选的可疑软件包中缩小范围。整个流程无需运行 npm 软件包，即可高效识别潜在威胁，从而防止恶意包污染 npm 软件供应链。

It includes ontology learning for Competency questions (CQ) and heterogeneous input from multiple sources, and has a complete front-end user interface. CQ can be used to generate ontology validation.

基于（https://github.com/ufrisk/MemProcFS）实现的内存可视化分析软件，能够基于dma技术直接获取设备的物理内存并进行解析、直观的分析内存数据并尝试检测潜在的恶意代码信息

针对Android应用的隐私合规审查工具