crete-dev
CRETE under development
Stars: ✭ 56 (+166.67%)
Bap
Binary Analysis Platform
Stars: ✭ 1,385 (+6495.24%)
Crosshair
An analysis tool for Python that blurs the line between testing and type systems.
Stars: ✭ 586 (+2690.48%)
Sienna Locomotive
A user-friendly fuzzing and crash triage tool for Windows
Stars: ✭ 130 (+519.05%)
Sys
Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code
Stars: ✭ 149 (+609.52%)
Freki
🐺 Malware analysis platform
Stars: ✭ 285 (+1257.14%)
Kirenenko
Super Fast Concolic Execution Engine based on Source Code Taint Tracing
Stars: ✭ 84 (+300%)
Kleefl
Seeding fuzzers with symbolic execution
Stars: ✭ 172 (+719.05%)
Befa Library
High-level library for executable binary file analysis
Stars: ✭ 12 (-42.86%)
binary-decompilation
Extracting high level semantic information from binary code
Stars: ✭ 55 (+161.9%)
Manticore
Symbolic execution tool
Stars: ✭ 2,599 (+12276.19%)
UTBotCpp
Tool that generates unit test by C/C++ source code, trying to reach all branches and maximize code coverage
Stars: ✭ 59 (+180.95%)
Andromeda
Andromeda - Interactive Reverse Engineering Tool for Android Applications
Stars: ✭ 627 (+2885.71%)
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS.
Stars: ✭ 2,982 (+14100%)
SixtyPical
A 6502-oriented low-level programming language supporting advanced static analysis
Stars: ✭ 25 (+19.05%)
Deepstate
A unit test-like interface for fuzzing and symbolic execution
Stars: ✭ 603 (+2771.43%)
freki
🐺 Malware analysis platform
Stars: ✭ 327 (+1457.14%)
binary-auditing-solutions
Learn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.
Stars: ✭ 61 (+190.48%)
Angora
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.
Stars: ✭ 669 (+3085.71%)
Triton
Triton is a Dynamic Binary Analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a dynamic taint engine, AST representations of the x86, x86-64, ARM32 and AArch64 Instructions Set Architecture (ISA), SMT simplification passes, an SMT solver interface and, the last but not least, Python bindings.
Stars: ✭ 1,934 (+9109.52%)
Binee
Binee: binary emulation environment
Stars: ✭ 408 (+1842.86%)
Apisan
APISan: Sanitizing API Usages through Semantic Cross-Checking
Stars: ✭ 46 (+119.05%)
BEFA-Library
High-level library for executable binary file analysis
Stars: ✭ 14 (-33.33%)
Rel
Binsec/Rel is an extension of Binsec that implements relational symbolic execution for constant-time verification and secret-erasure at binary-level.
Stars: ✭ 27 (+28.57%)
jayhorn
Static checker for Java
Stars: ✭ 54 (+157.14%)
golintui
A simple terminal UI for Go linters
Stars: ✭ 73 (+247.62%)
srcinv
source code audit tool
Stars: ✭ 45 (+114.29%)
emmutaler
A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
Stars: ✭ 126 (+500%)
automutate
Applies waves of mutations provided by other tools, such as linters or codemods.
Stars: ✭ 13 (-38.1%)
pyradamsa
Python bindings for calling radamsa mutators
Stars: ✭ 16 (-23.81%)
pahout
A pair programming partner for writing better PHP. Pahout means PHP mahout 🐘
Stars: ✭ 43 (+104.76%)
bridgecrew-action
This Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.
Stars: ✭ 52 (+147.62%)
fuzzing
Easy fuzzing with go-fuzz
Stars: ✭ 15 (-28.57%)
static-code-analysis-plugin
A plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.
Stars: ✭ 36 (+71.43%)
toughfuzzer
Tough Fuzzer is an obstacle course for go-fuzz composed of a series of small code samples which encapsulate the most common obstacles to code-coverage the fuzzer will encounter. In each case, the obstacle is insurmountable in a reasonable period of time using random inputs or even coverage-guided mutation.
Stars: ✭ 18 (-14.29%)
ML4Sec-papers
Research papers on ML for security
Stars: ✭ 27 (+28.57%)
fuzzing-tutorial
Curated list of classic fuzzing books, papers about fuzzing at information security top conferences over the years, commonly used fuzzing tools, and resources that can help us use fuzzer easily.
Stars: ✭ 74 (+252.38%)
monadic-cfa
Generic implementation of different CFA families based on monadic decomposition
Stars: ✭ 16 (-23.81%)
analysis-net
Static analysis framework for .NET programs.
Stars: ✭ 19 (-9.52%)
averroes
Java bytecode generator for sound and precise partial program analysis
Stars: ✭ 19 (-9.52%)
kleespectre
KLEESpectre is a symbolic execution engine with speculation semantic and cache modelling
Stars: ✭ 31 (+47.62%)
pyc2bytecode
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (+233.33%)
progge.rs
Program analysis playground for a simple, imperative language
Stars: ✭ 29 (+38.1%)
libfuzzer-cov
Get actually nice HTML coverage overview on libfuzzer runs
Stars: ✭ 20 (-4.76%)
fuzzing
🐰 Tool set for fuzz and stress testing your functions!
Stars: ✭ 22 (+4.76%)
infrared
✨🚀 Blazing fast, inferred static type checker for JavaScript.
Stars: ✭ 46 (+119.05%)
FuSeBMC
FuSeBMC is a novel Energy-Efficient Test Generator that exploits fuzzing and BMC engines to detect security vulnerabilities in real-world C programs.
Stars: ✭ 26 (+23.81%)
healer
Kernel fuzzer inspired by Syzkaller.
Stars: ✭ 194 (+823.81%)
BinKit
Binary Code Similarity Analysis (BCSA) Benchmark
Stars: ✭ 54 (+157.14%)
fuzzuf
Fuzzing Unification Framework
Stars: ✭ 263 (+1152.38%)
leaky-paths
A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+2314.29%)
ManuFuzzer
Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
Stars: ✭ 118 (+461.9%)