PLSysSec/sys

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/PLSysSec/sys)

PLSysSec / sys

Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code

☆236

Alternatives and similar repositories for sys

Users that are interested in sys are comparing it to the libraries listed below

Sorting:

mlfbrown / sys2
View on GitHub
Sys, but no longer in Haskell
☆19Mar 14, 2022Updated 3 years ago
eurecom-s3 / symcc
View on GitHub
SymCC: efficient compiler-based symbolic execution
☆856May 12, 2025Updated 9 months ago
seclab-ucr / KOOBE
View on GitHub
Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
☆91May 7, 2024Updated last year
vusec / parmesan
View on GitHub
ParmeSan: Sanitizer-guided Greybox Fuzzing
☆177Apr 19, 2024Updated last year
sslab-gatech / qsym
View on GitHub
QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
☆655Nov 23, 2022Updated 3 years ago
AFLplusplus / AFL-Snapshot-LKM
View on GitHub
A Linux Kernel Module that implements a fast snapshot mechanism for fuzzing.
☆141Aug 17, 2021Updated 4 years ago
evanmak / savior-source
View on GitHub
source code for savior fuzzer
☆127Oct 1, 2020Updated 5 years ago
HexHive / Gramatron
View on GitHub
Coverage-guided grammar aware fuzzer that uses grammar automatons
☆75Nov 27, 2021Updated 4 years ago
RUB-SysSec / grimoire
View on GitHub
☆132Oct 10, 2019Updated 6 years ago
HexHive / retrowrite
View on GitHub
RetroWrite -- Retrofitting compiler passes through binary rewriting
☆736Apr 26, 2025Updated 10 months ago
sslab-gatech / hydra
View on GitHub
Hydra: an Extensible Fuzzing Framework for Finding Semantic Bugs in File Systems
☆173Aug 8, 2022Updated 3 years ago
ChengyuSong / Kirenenko
View on GitHub
Super Fast Concolic Execution Engine based on Source Code Taint Tracing
☆102Jul 14, 2022Updated 3 years ago
RUB-SysSec / redqueen
View on GitHub
☆400Sep 23, 2021Updated 4 years ago
andreafioraldi / qasan
View on GitHub
QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.
☆350Jul 30, 2024Updated last year
eurecom-s3 / symqemu
View on GitHub
SymQEMU: Compilation-based symbolic execution for binaries
☆368May 5, 2025Updated 9 months ago
strongcourage / uafuzz
View on GitHub
UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
☆350Sep 25, 2023Updated 2 years ago
andreafioraldi / weizz-fuzzer
View on GitHub
☆99Oct 19, 2020Updated 5 years ago
seahorn / sea-dsa
View on GitHub
A new context, field, and array-sensitive heap analysis for LLVM bitcode based on DSA.
☆168Dec 4, 2025Updated 2 months ago
PLSysSec / haybale
View on GitHub
Symbolic execution of LLVM IR with an engine written in Rust
☆578Oct 27, 2023Updated 2 years ago
trailofbits / polytracker
View on GitHub
An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.
☆588Feb 20, 2026Updated last week
hgarrereyn / GraphFuzz
View on GitHub
GraphFuzz is an experimental framework for building structure-aware, library API fuzzers.
☆271Jan 16, 2024Updated 2 years ago
AngoraFuzzer / Angora
View on GitHub
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic e…
☆954Jul 18, 2022Updated 3 years ago
mchalupa / dg
View on GitHub
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
☆524May 21, 2025Updated 9 months ago
trailofbits / Honeybee
View on GitHub
An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suite
☆131Feb 13, 2022Updated 4 years ago
HexHive / FuZZan
View on GitHub
FuZZan: Efficient Sanitizer Metadata Design for Fuzzing
☆124Mar 31, 2021Updated 4 years ago
seahorn / clam
View on GitHub
Static Analyzer for LLVM bitcode based on Abstract Interpretation. **Update**: clam is still actively maintained. Please use branch dev1…
☆287Apr 21, 2024Updated last year
carolemieux / afl-rb
View on GitHub
FairFuzz: AFL extension targeting rare branches
☆252Feb 19, 2019Updated 7 years ago
aflsmart / aflsmart
View on GitHub
Smart Greybox Fuzzing (https://thuanpv.github.io/publications/TSE19_aflsmart.pdf)
☆520Jan 18, 2022Updated 4 years ago
nautilus-fuzz / nautilus
View on GitHub
A grammar based feedback Fuzzer
☆464Aug 17, 2024Updated last year
fgsect / unicorefuzz
View on GitHub
Fuzzing the Kernel Using Unicornafl and AFL++
☆305Jan 2, 2023Updated 3 years ago
jkrshnmenon / arbiter
View on GitHub
☆239Jan 14, 2024Updated 2 years ago
abenkhadra / bcov
View on GitHub
Static instrumentation tool for efficient binary-level coverage analysis.
☆151Jan 25, 2021Updated 5 years ago
GJDuck / e9patch
View on GitHub
A powerful static binary rewriting tool
☆1,089Feb 15, 2026Updated last week
puppet-meteor / MOpt-AFL
View on GitHub
MOpt-AFL provided by the paper "MOPT: Optimized Mutation Scheduling for Fuzzers"
☆216Jan 26, 2021Updated 5 years ago
zhunki / Superion
View on GitHub
Superion is a fuzzer which extends the famous AFL to support structured inputs such as JavaScript and XML.
☆140Aug 18, 2022Updated 3 years ago
sslab-gatech / ArcHeap
View on GitHub
ArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives
☆159Mar 3, 2021Updated 4 years ago
SVF-tools / SVF
View on GitHub
Static Value-Flow Analysis Framework for Source Code
☆1,652Updated this week
ucsb-seclab / karonte
View on GitHub
Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware
☆422Sep 18, 2021Updated 4 years ago
TortoiseFuzz / TortoiseFuzz
View on GitHub
☆90Oct 25, 2021Updated 4 years ago