Alternatives and similar repositories for flawfinder

Users that are interested in flawfinder are comparing it to the libraries listed below

• fkie-cad / cwe_checker
  cwe_checker finds vulnerable patterns in binary executables
  ☆1,227Updated 2 months ago
• jfoote / exploitable
  The 'exploitable' GDB plugin
  ☆733Updated 2 years ago
• 0xdea / semgrep-rules
  A collection of my Semgrep rules to facilitate vulnerability research.
  ☆645Updated last month
• armijnhemel / binaryanalysis-ng
  Binary Analysis Next Generation (BANG)
  ☆503Updated this week
• google / fuzztest
  ☆853Updated this week
• hardik05 / Damn_Vulnerable_C_Program
  An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.
  ☆696Updated 8 months ago
• google / clusterfuzzlite
  ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
  ☆491Updated 6 months ago
• GJDuck / EnvFuzz
  Fuzz anything with Program Environment Fuzzing
  ☆389Updated 4 months ago
• analysis-tools-dev / dynamic-analysis
  ⚙️ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.
  ☆1,007Updated last month
• Wenzel / checksec.py
  Checksec tool in Python, Rich output. Based on LIEF
  ☆336Updated this week
• airbus-seclab / c-compiler-security
  Security-related flags and options for C compilers
  ☆193Updated 2 years ago
• splintchecker / splint
  Splint - annotation-assisted static program checker
  ☆322Updated 6 months ago
• google / fuzzer-test-suite
  Set of tests for fuzzing engines
  ☆1,447Updated 3 years ago
• andrew-d / rough-auditing-tool-for-security
  Automatically exported from code.google.com/p/rough-auditing-tool-for-security
  ☆86Updated 4 years ago
• conikeec / seeve
  A set of vulnerable C code snippets (with mapped CVEs)
  ☆78Updated 11 months ago
• secure-software-engineering / phasar
  A LLVM-based static analysis framework.
  ☆988Updated this week
• googleprojectzero / winafl
  A fork of AFL for fuzzing Windows binaries
  ☆2,439Updated last week
• googleprojectzero / TinyInst
  A lightweight dynamic instrumentation library
  ☆1,259Updated 2 months ago
• aflnet / aflnet
  AFLNet: A Greybox Fuzzer for Network Protocols (https://thuanpv.github.io/publications/AFLNet_ICST20.pdf)
  ☆933Updated 3 weeks ago
• rizsotto / scan-build
  Clang's scan-build re-implementation in python
  ☆379Updated 2 years ago
• jerdna-regeiz / splitmind
  Split information output of pwndbg output
  ☆197Updated last year
• google / libprotobuf-mutator
  Library for structured fuzzing with protobuffers
  ☆619Updated 2 months ago
• scriptingxss / owasp-fstm
  The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers,…
  ☆421Updated 3 years ago
• ossf / fuzz-introspector
  Fuzz Introspector -- introspect, extend and optimise fuzzers
  ☆418Updated this week
• uds-se / FormatFuzzer
  FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.
  ☆420Updated 2 weeks ago
• GJDuck / e9patch
  A powerful static binary rewriting tool
  ☆1,019Updated 2 months ago
• eurecom-s3 / symcc
  SymCC: efficient compiler-based symbolic execution
  ☆817Updated last month
• sarnold / cccc
  Source code counter and metrics tool for C++, C, and Java
  ☆65Updated 2 years ago
• semgrep / semgrep-rules
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆926Updated this week
• nluedtke / linux_kernel_cves
  Tracking CVEs for the linux Kernel
  ☆747Updated last year