Top 61 dynamic-analysis open source projects

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)

This repo aims at providing practical examples on how to use r2frida

Automatic program repair for Java with generate-and-validate techniques ✌️✌️: jGenProg (2014) - jMutRepair (2016) - jKali (2016) - DeepRepair (2017) - Cardumen (2018) - 3sfix (2018)

Platform for Architecture-Neutral Dynamic Analysis

Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)

Automated code reviews via mutation testing - semantic code coverage.

The Redexer binary instrumentation framework for Dalvik bytecode

Dynamic definitions and types provider for ruby static analysis

Setup scripts for my Malware Analysis VMs

AirSpy - Frida-based tool for exploring and tracking the evolution of Apple's AirDrop protocol implementation on i/macOS, from the server's perspective. Released during BH USA 2019 Training https://www.nowsecure.com/event/advanced-frida-and-radare-a-hackers-delight/

Path based Dynamic Analysis

Binary Analysis Platform

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Hand-crafted Frida examples

A targeted input generator for Android that improves the effectiveness of dynamic malware analysis.

Kieker's main repository

Python antivirus evasion tool

Cycript backend powered by Frida.

monitor filesystem on iOS / OS X / Android / FirefoxOS / Linux

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

Radare2 and Frida better together.

An analysis tool for Python that blurs the line between testing and type systems.

See where each character on the screen came from in code.

A hackable malware sandbox for the 21st Century

History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)

Droidefense: Advance Android Malware Analysis Framework

Your performance & security consultant, an artisan command away.

A curated list of dynamic analysis tools for all programming languages, binaries, and more.

Binary instrumentation framework based on FRIDA

A dynamic analysis framework for WebAssembly programs.

Project moved to: https://github.com/llvm/llvm-project

Runtime checker for JS coding practices

Updated version of ApiTracer Pin tool

Android malware detection using static and dynamic analysis

An ethereum evm bytecode disassembler and static/dynamic analysis tool

A multi-body simulation software

Vendor-Neutral Security Tool Automation Controller (over REST)

OPEM (Open Source PEM Fuel Cell Simulation Tool)

Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages

DrCCTProf is a fine-grained call path profiling framework for binaries running on ARM and X86 architectures.

A library for detecting certain improper uses of the "Defer, Panic, and Recover" pattern in Go programs

Python AV Evasion Tools

A list of awesome malware detection tools

Find exploitable PHP files by parameter fuzzing and function call tracing

Talvos is a dynamic-analysis framework and debugger for Vulkan/SPIR-V programs.

The radare2 + frida book for Mobile Application assessment

TIRO - A hybrid iterative deobfuscation framework for Android applications

libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)

guardrails.cs.virginia.edu

A graph-based static-dynamic hybrid DEX code analysis tool

Intentionally vulnerable Android application.

Defund the Police.

Tool for detecting violations of ordering axioms in qsort/bsearch callbacks.

Integrates OWASP Zed Attack Proxy reports into SonarQube

a friendly wrapper around ptrace

Static and dynamic Android application security analysis