748 Open source projects that are alternatives of or similar to crusher

CRETE under development

Binary Analysis Platform

An analysis tool for Python that blurs the line between testing and type systems.

A user-friendly fuzzing and crash triage tool for Windows

Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code

🐺 Malware analysis platform

Super Fast Concolic Execution Engine based on Source Code Taint Tracing

Seeding fuzzers with symbolic execution

High-level library for executable binary file analysis

Extracting high level semantic information from binary code

Symbolic execution tool

Tool that generates unit test by C/C++ source code, trying to reach all branches and maximize code coverage

Andromeda - Interactive Reverse Engineering Tool for Android Applications

sleigh craft!

Program for determining types of files for Windows, Linux and MacOS.

A 6502-oriented low-level programming language supporting advanced static analysis

A unit test-like interface for fuzzing and symbolic execution

🐺 Malware analysis platform

Learn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

Triton is a Dynamic Binary Analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a dynamic taint engine, AST representations of the x86, x86-64, ARM32 and AArch64 Instructions Set Architecture (ISA), SMT simplification passes, an SMT solver interface and, the last but not least, Python bindings.

Binee: binary emulation environment

APISan: Sanitizing API Usages through Semantic Cross-Checking

High-level library for executable binary file analysis

Binsec/Rel is an extension of Binsec that implements relational symbolic execution for constant-time verification and secret-erasure at binary-level.

Static checker for Java

A simple terminal UI for Go linters

My fuzzing corpus

📚 An ultimate collection wordlists of the best-known CMS

Assorted pintools

Android malware detection using static and dynamic analysis

source code audit tool

A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.

Applies waves of mutations provided by other tools, such as linters or codemods.

Python bindings for calling radamsa mutators

A pair programming partner for writing better PHP. Pahout means PHP mahout 🐘

This Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.

Easy fuzzing with go-fuzz

GitHub Action to set up Fortify ScanCentral Client

A plugin to simplify Static Code Analysis on Gradle. Not restricted to, but specially useful, in Android projects, by making sure all analysis can access the SDK classes.

go-sqlancer

Tough Fuzzer is an obstacle course for go-fuzz composed of a series of small code samples which encapsulate the most common obstacles to code-coverage the fuzzer will encounter. In each case, the obstacle is insurmountable in a reasonable period of time using random inputs or even coverage-guided mutation.

Research papers on ML for security

Curated list of classic fuzzing books, papers about fuzzing at information security top conferences over the years, commonly used fuzzing tools, and resources that can help us use fuzzer easily.

Generic implementation of different CFA families based on monadic decomposition

Static analysis framework for .NET programs.

Java bytecode generator for sound and precise partial program analysis

KLEESpectre is a symbolic execution engine with speculation semantic and cache modelling

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Code Climate Engine for ESLint

Program analysis playground for a simple, imperative language

Get actually nice HTML coverage overview on libfuzzer runs

🐰 Tool set for fuzz and stress testing your functions!

✨🚀 Blazing fast, inferred static type checker for JavaScript.

FuSeBMC is a novel Energy-Efficient Test Generator that exploits fuzzing and BMC engines to detect security vulnerabilities in real-world C programs.

Kernel fuzzer inspired by Syzkaller.

Binary Code Similarity Analysis (BCSA) Benchmark

Fuzzing Unification Framework

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM