Alternatives and similar repositories for flawfinder

Users that are interested in flawfinder are comparing it to the libraries listed below

• danmar / cppcheck

  View on GitHub
  static analysis of C/C++ code
  ☆6,502Updated this week
• 0xdea / semgrep-rules

  View on GitHub
  A collection of my Semgrep rules to facilitate vulnerability research.
  ☆796Updated this week
• fkie-cad / cwe_checker

  View on GitHub
  cwe_checker finds vulnerable patterns in binary executables
  ☆1,317Apr 10, 2025Updated 10 months ago
• darkmentorllc / jackbnimble

  View on GitHub
  ☆18Aug 5, 2020Updated 5 years ago
• intel / pin-based-cec

  View on GitHub
  Pin-Based Constant Execution Checker (Pin-based CEC)
  ☆20Mar 31, 2025Updated 10 months ago
• liamg / extrude

  View on GitHub
  Analyse binaries for missing security features, information disclosure and more...
  ☆87Aug 7, 2023Updated 2 years ago
• treebacker / MemAFL

  View on GitHub
  A Coverage-Based fuzzing tools
  ☆23Aug 9, 2021Updated 4 years ago
• Martyx00 / VulnFanatic

  View on GitHub
  A Binary Ninja plugin for vulnerability research.
  ☆300Sep 7, 2024Updated last year
• Ericsson / codechecker

  View on GitHub
  CodeChecker is an analyzer tooling, defect database and viewer extension for static and dynamic analyzer tools.
  ☆2,532Updated this week
• SoftwareSecurityLab / UbSym

  View on GitHub
  A Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes
  ☆43May 7, 2023Updated 2 years ago
• e-m-b-a / emba

  View on GitHub
  EMBA - The firmware security analyzer
  ☆3,365Feb 10, 2026Updated last week
• joernio / joern

  View on GitHub
  Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.…
  ☆2,939Updated this week
• ant4g0nist / ManuFuzzer

  View on GitHub
  Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
  ☆177May 19, 2025Updated 8 months ago
• elManto / StaticAnalysisQueries

  View on GitHub
  A set of Code-ql/Joern queries to find vulnerabilities
  ☆67May 22, 2021Updated 4 years ago
• semgrep / semgrep-rules

  View on GitHub
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆1,078Updated this week
• trustedsec / inProc_Evade_Get-InjectedThread

  View on GitHub
  PoC code from blog
  ☆16Mar 10, 2020Updated 5 years ago
• ztgrace / mole

  View on GitHub
  Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.
  ☆58Aug 6, 2020Updated 5 years ago
• ex0dus-0x / fuzzable

  View on GitHub
  Framework for Automating Fuzzable Target Discovery with Static Analysis.
  ☆547Feb 1, 2024Updated 2 years ago
• analysis-tools-dev / static-analysis

  View on GitHub
  ⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The foc…
  ☆14,377Updated this week
• weggli-rs / weggli

  View on GitHub
  weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…
  ☆2,476Jul 12, 2024Updated last year
• secure-software-engineering / phasar

  View on GitHub
  A LLVM-based static analysis framework.
  ☆1,029Updated this week
• nccgroup / fuzzowski

  View on GitHub
  the Network Protocol Fuzzer that we will want to use.
  ☆791Jan 29, 2024Updated 2 years ago
• moyix / 2_ffast_2_furious

  View on GitHub
  A more realistic demo of a buffer overflow cause by -ffast-math
  ☆15Sep 10, 2022Updated 3 years ago
• jtpereyda / boofuzz

  View on GitHub
  A fork and successor of the Sulley Fuzzing Framework
  ☆2,313Updated this week
• wireghoul / graudit

  View on GitHub
  grep rough audit - source code auditing tool
  ☆1,677Dec 19, 2025Updated last month
• gand3lf / heappy

  View on GitHub
  A happy heap editor to support your exploitation process
  ☆198May 6, 2021Updated 4 years ago
• claroty / busybox-fuzzing

  View on GitHub
  ☆98Nov 10, 2021Updated 4 years ago
• CyborgSecurity / PoisonApple

  View on GitHub
  macOS persistence tool
  ☆229Feb 9, 2022Updated 4 years ago
• doyensec / vbox-fuzz

  View on GitHub
  Companion to the "Introduction to VirtualBox security research" Blog Post
  ☆35Apr 26, 2022Updated 3 years ago
• AFLplusplus / AFLplusplus

  View on GitHub
  The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power…
  ☆6,300Updated this week
• ucsb-seclab / karonte

  View on GitHub
  Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware
  ☆421Sep 18, 2021Updated 4 years ago
• fuzzware-fuzzer / fuzzware

  View on GitHub
  Fuzzware's main repository. Start here to install.
  ☆363Dec 18, 2025Updated last month
• trailofbits / polytracker

  View on GitHub
  An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.
  ☆588Apr 8, 2025Updated 10 months ago
• KeenSecurityLab / BinAbsInspector

  View on GitHub
  BinAbsInspector: Vulnerability Scanner for Binaries
  ☆1,668Jun 17, 2024Updated last year
• SVF-tools / SVF

  View on GitHub
  Static Value-Flow Analysis Framework for Source Code
  ☆1,646Feb 6, 2026Updated last week
• semgrep / semgrep

  View on GitHub
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆14,137Updated this week
• nautilus-fuzz / nautilus

  View on GitHub
  A grammar based feedback Fuzzer
  ☆461Aug 17, 2024Updated last year
• JetP1ane / Callisto

  View on GitHub
  Callisto - An Intelligent Binary Vulnerability Analysis Tool
  ☆370Jul 24, 2023Updated 2 years ago
• quarkslab / binbloom

  View on GitHub
  Raw binary firmware analysis software
  ☆567Jun 6, 2024Updated last year