Alternatives and similar repositories for kAFL:

Users that are interested in kAFL are comparing it to the libraries listed below

• nccgroup / TriforceAFL
  AFL/QEMU fuzzing with full-system emulation.
  ☆628Updated 6 years ago
• ucsb-seclab / difuze
  Fuzzer for Linux Kernel Drivers
  ☆374Updated 2 years ago
• vusec / vuzzer
  ☆379Updated 5 years ago
• compsec-snu / razzer
  A Kernel fuzzer focusing on race bugs
  ☆364Updated 5 years ago
• RUB-SysSec / redqueen
  ☆378Updated 3 years ago
• aflsmart / aflsmart
  Smart Greybox Fuzzing (https://thuanpv.github.io/publications/TSE19_aflsmart.pdf)
  ☆508Updated 3 years ago
• hunter-ht-2018 / ptfuzzer
  Improving AFL by using Intel PT to collect branch information
  ☆290Updated 5 years ago
• sslab-gatech / qsym
  QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
  ☆633Updated 2 years ago
• Battelle / afl-unicorn
  afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.
  ☆601Updated last year
• IntelLabs / kAFL
  A fuzzer for full VM kernel/driver targets
  ☆668Updated 2 weeks ago
• shellphish / driller
  Driller: augmenting AFL with symbolic execution!
  ☆909Updated 2 years ago
• FSecureLABS / KernelFuzzer
  Cross Platform Kernel Fuzzer Framework
  ☆447Updated 6 years ago
• intel / kernel-fuzzer-for-xen-project
  Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL
  ☆470Updated 6 months ago
• talos-vulndev / afl-dyninst
  American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries
  ☆186Updated 3 years ago
• googleprojectzero / bochspwn
  A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities
  ☆329Updated 5 years ago
• bnagy / crashwalk
  Bucket and triage on-disk crashes. OSX and Linux.
  ☆352Updated 3 months ago
• HexHive / T-Fuzz
  ☆248Updated 4 years ago
• nccgroup / TriforceLinuxSyscallFuzzer
  A linux system call fuzzer using TriforceAFL
  ☆174Updated 11 months ago
• angr / pyvex
  Python bindings for Valgrind's VEX IR.
  ☆345Updated this week
• andreafioraldi / qasan
  QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.
  ☆343Updated 6 months ago
• mboehme / aflfast
  AFLFast (extends AFL with Power Schedules)
  ☆415Updated last year
• angr / patcherex
  Shellphish's automated patching engine, originally created for the Cyber Grand Challenge.
  ☆254Updated 2 weeks ago
• HexHive / retrowrite
  RetroWrite -- Retrofitting compiler passes through binary rewriting
  ☆692Updated 8 months ago
• nyx-fuzz / libxdc
  The fastest Intel-PT decoder for fuzzing
  ☆364Updated 11 months ago
• mxmssh / manul
  Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS
  ☆339Updated 4 years ago
• rc0r / afl-utils
  Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization
  ☆415Updated 6 years ago
• trailofbits / cb-multios
  DARPA Challenges Sets for Linux, Windows, and macOS
  ☆525Updated last year
• fgsect / unicorefuzz
  Fuzzing the Kernel Using Unicornafl and AFL++
  ☆296Updated 2 years ago
• googleprojectzero / bochspwn-reloaded
  A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3
  ☆300Updated 5 years ago
• axt / angr-utils
  Handy utilities for the angr binary analysis framework, most notably CFG visualization
  ☆283Updated 5 years ago