Alternatives and similar repositories for scat

Users that are interested in scat are comparing it to the libraries listed below

• paulmehta / Ablation
  Augmenting Static Analysis Using Pintool: Ablation
  ☆39Updated 9 years ago
• angr / fidget
  A tool to add simple inline patches to a binary to rearrange its stack frames, and other things!
  ☆46Updated 3 years ago
• piscou / FuzzWin
  ☆88Updated 10 years ago
• feliam / klee-taint
  KLEE-TAINT - Klee with taint analysis support
  ☆70Updated 7 years ago
• farosato / angr-antievasion
  Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).
  ☆35Updated 7 years ago
• airbus-seclab / elfesteem
  ELF/PE/Mach-O parsing library
  ☆51Updated last year
• c01db33f / reil
  REIL translation library
  ☆36Updated 9 years ago
• osirislab / dispatch
  Programmatic disassembly and patching
  ☆69Updated 8 years ago
• Cr4sh / Code-coverage-analysis-tools
  Code coverage analysis tools for the PIN Toolkit
  ☆60Updated 12 years ago
• carlosgprado / BrundleFuzz
  BrundleFuzz is a distributed fuzzer for Windows and Linux using dynamic binary instrumentation.
  ☆82Updated 9 years ago
• andreafioraldi / r2angrdbg
  Use angr inside the radare2 debugger. Create an angr state from the current debugger state.
  ☆34Updated 6 years ago
• disasmwinnie / proxbbe
  ProXBBE (Protocol eXtraction By Binary Execution)
  ☆31Updated 8 years ago
• andreafioraldi / angrdbg
  Abstract library to generate angr states from a debugger state
  ☆60Updated 5 years ago
• jrmuizel / kemufuzzer
  Automatically exported from code.google.com/p/kemufuzzer
  ☆26Updated 10 years ago
• kamou / pimp
  Triton based R2 plugin for concolic execution and total control
  ☆33Updated 6 years ago
• vanhauser-thc / afl-pin
  run AFL with pintool
  ☆66Updated 5 years ago
• pyoor / distiller
  A distributed corpus distillation tool for windows applications.
  ☆32Updated 8 years ago
• m000 / dtracker
  DataTracker: A Pin tool for collecting high-fidelity data provenance from unmodified programs.
  ☆95Updated 7 years ago
• mxatone / mitigation-bounty
  Old mitigation-bounty code that was applicable to edge before it use webkit/chrome
  ☆87Updated 8 years ago
• ouspg / libfuzzerfication
  libfuzzerfication - fuzzing for the rest of us!
  ☆61Updated 8 years ago
• panda-re / symbll
  Symbolic execution for LLVM traces produced by PANDA
  ☆40Updated 6 years ago
• andreafioraldi / pwntrace
  Use ltrace with pwnlib.tubes.process instances, useful for heap exploitation. Pwntools rocks!
  ☆51Updated 7 years ago
• tmr232 / GraphGrabber
  ☆28Updated last year
• polymorf / HeapView
  Tool to view heap chunks and memory writes (using pintool)
  ☆42Updated 6 years ago
• bx / bootloader_instrumentation_suite
  Bootloader research tools (very much a work in progress)
  ☆37Updated 6 years ago
• RolfRolles / SMTSample
  Course sample for SMT-Based Binary Program Analysis training class
  ☆31Updated 7 years ago
• CubicaLabs / IDASynergy
  A combination of an IDAPython Plugin and a control version system that result in a new reverse engineering collaborative addon for IDA Pr…
  ☆93Updated 9 years ago
• rpaleari / fuzztrace
  A "general-purpose" tracing tool
  ☆39Updated 10 years ago
• programa-stic / ropc-llvm
  ropc-llvm is a PoC of a Turing complete ROP compiler with support for a subset of LLVM IR. It is an extension of ropc.
  ☆69Updated 12 years ago
• onura / TaintAll
  TaintAll, a taint analysis and concolic execution tool
  ☆32Updated 8 years ago