73 Open source projects that are alternatives of or similar to kleespectre

Microarchitectural exploitation and other hardware attacks.

Reproducing malicious memory reading on Intel i5 and Intel Xeon using a Spectre attack

a list of BIOS/Firmware fixes adressing CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

Spectre, Meltdown, Foreshadow, Fallout, RIDL, ZombieLoad vulnerability/mitigation checker for Linux & BSD

A simple (unfinished) SMT solver for QF_ABV.

Binary Analysis Platform

IDA 2016 plugin contest winner! Symbolic Execution just one-click away!

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

Chrome Extension for Send Push Notification 🔔 to gotify/server ☁

Use angr in Ghidra

Playing with the Tigress binary protection. Break some of its protections and solve some of its challenges. Automatic deobfuscation using symbolic execution, taint analysis and LLVM.

Triton is a Dynamic Binary Analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a dynamic taint engine, AST representations of the x86, x86-64, ARM32 and AArch64 Instructions Set Architecture (ISA), SMT simplification passes, an SMT solver interface and, the last but not least, Python bindings.

CRETE under development

A Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and supports symbolic modelling of strings and regular expressions.

A symbolic debugger for C/C++ (via LLVM), machine code, and JVM programs

An open source interactive disassembler

Yet another implementation of AEG (Automated Exploit Generation) using symbolic execution engine Triton.

A unit test-like interface for fuzzing and symbolic execution

Read Spectre PSF files

Use angr in the IDA Pro debugger generating a state from the current debug session

History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)

Simple Theorem Prover, an efficient SMT solver for bitvectors

No description or website provided.

CRAX: software CRash analysis for Automatic eXploit generation

SymGDB - symbolic execution plugin for gdb

Code for my blog post on using S2E for malware analysis

Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code

Proof of concept code for the Spectre CPU exploit.

KLEE Symbolic Execution Engine

symbolic execution plugin for binary ninja

Offensive vulnerability scanner for ethereum, and symbolic execution tool for the Ethereum Virtual Machine

Official Alias source code repository

Simplify Ethereum security analysis and testing

A 6502-oriented low-level programming language supporting advanced static analysis

APISan: Sanitizing API Usages through Semantic Cross-Checking

Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).

Adaptive Callsite-sensitive Control Flow Integrity - EuroS&P'19

Symbolic execution tool

GPU-accelerated Factors analysis library and Backtester

A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.

Tool that generates unit test by C/C++ source code, trying to reach all branches and maximize code coverage

An analysis tool for Python that blurs the line between testing and type systems.

Super Fast Concolic Execution Engine based on Source Code Taint Tracing

yet another tool for analysing binaries

Reverse engineering framework in Python

A lightweight VM for hardware hacking, RE (fuzzing, symEx, exploiting etc) and wargaming tasks

Main repository of the Vigor NF verification project.

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains.

Symbiotic is a tool for finding bugs in computer programs based on instrumentation, program slicing and KLEE

The Symbolic, Mechanized, Observable, Operational SHell: an executable formalization of the POSIX shell standard.

TRACER Symbolic Execution Tool

No description or website provided.

Automatic verification of LLVM optimizations

Spectre attack against SGX enclave

A data administration component library built on the Spectre.css framework enabled with CanJS

A [work-in-progress] self-hosted personal finance app

Automatic ROPChain Generation

Binsec/Rel is an extension of Binsec that implements relational symbolic execution for constant-time verification and secret-erasure at binary-level.

Extracting high level semantic information from binary code

Symbolic Execution Engine for Boogie