Alternatives and similar repositories for cannoli:

Users that are interested in cannoli are comparing it to the libraries listed below

• intel / tsffs
  A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
  ☆300Updated this week
• nyx-fuzz / libxdc
  The fastest Intel-PT decoder for fuzzing
  ☆370Updated last year
• awslabs / snapchange
  Lightweight fuzzing of a memory snapshot using KVM
  ☆453Updated last year
• IntelLabs / kAFL
  A fuzzer for full VM kernel/driver targets
  ☆692Updated 3 weeks ago
• borzacchiello / seninja
  symbolic execution plugin for binary ninja
  ☆315Updated last year
• aemmitt-ns / radius2
  radius2 is a fast binary emulation and symbolic execution framework using radare2
  ☆611Updated 4 months ago
• GJDuck / e9patch
  A powerful static binary rewriting tool
  ☆1,016Updated last week
• falconre / falcon
  Binary Analysis Framework in Rust
  ☆560Updated last year
• intel / kernel-fuzzer-for-xen-project
  Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL
  ☆474Updated 9 months ago
• lifting-bits / anvill
  anvill forges beautiful LLVM bitcode out of raw machine code
  ☆348Updated 7 months ago
• 0xricksanchez / like-dbg
  Fully dockerized Linux kernel debugging environment
  ☆747Updated 7 months ago
• googleprojectzero / TinyInst
  A lightweight dynamic instrumentation library
  ☆1,235Updated 3 weeks ago
• HexHive / retrowrite
  RetroWrite -- Retrofitting compiler passes through binary rewriting
  ☆705Updated 11 months ago
• revng / revng-c
  ☆425Updated 4 months ago
• pietroborrello / CustomProcessingUnit
  The first analysis framework for CPU microcode
  ☆391Updated 2 years ago
• lifting-bits / rellic
  Rellic produces goto-free C output from LLVM bitcode
  ☆555Updated 7 months ago
• quarkslab / rewind
  Snapshot-based coverage-guided windows kernel fuzzer
  ☆317Updated 3 years ago
• S2E / s2e
  S2E: A platform for multi-path program analysis with selective symbolic execution.
  ☆461Updated 4 months ago
• Ben-Lichtman / ropr
  A blazing fast™ multithreaded ROP Gadget finder. ropper / ropgadget alternative
  ☆498Updated 6 months ago
• gamozolabs / fuzz_with_emus
  Why fuzzing with emulators is amazing
  ☆136Updated 4 years ago
• trailofbits / polytracker
  An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.
  ☆562Updated 2 weeks ago
• bcoles / kasld
  Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address a…
  ☆435Updated last year
• GrammaTech / ddisasm
  A fast and accurate disassembler
  ☆700Updated 2 months ago
• trailofbits / mishegos
  A differential fuzzer for x86 decoders
  ☆250Updated 6 months ago
• mebeim / systrack
  📡🐧 Linux kernel syscall implementation tracker
  ☆210Updated 3 weeks ago
• icicle-emu / icicle-emu
  Core emulator components for Icicle
  ☆204Updated 2 weeks ago
• eurecom-s3 / symqemu
  SymQEMU: Compilation-based symbolic execution for binaries
  ☆343Updated 5 months ago
• binsync / binsync
  A reversing plugin for cross-decompiler collaboration, built on git.
  ☆634Updated last week
• googleprojectzero / SockFuzzer
  ☆439Updated 6 months ago
• mahaloz / decomp2dbg
  A plugin to introduce interactive symbols into your debugger from your decompiler
  ☆661Updated last week