Alternatives and similar repositories for flawfinder

Users that are interested in flawfinder are comparing it to the libraries listed below

• 0xdea / semgrep-rules
  A collection of my Semgrep rules to facilitate vulnerability research.
  ☆639Updated last week
• google / clusterfuzzlite
  ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
  ☆488Updated 5 months ago
• aflnet / aflnet
  AFLNet: A Greybox Fuzzer for Network Protocols (https://thuanpv.github.io/publications/AFLNet_ICST20.pdf)
  ☆927Updated last week
• ossf / fuzz-introspector
  Fuzz Introspector -- introspect, extend and optimise fuzzers
  ☆415Updated this week
• uds-se / FormatFuzzer
  FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs.
  ☆417Updated 2 years ago
• google / libprotobuf-mutator
  Library for structured fuzzing with protobuffers
  ☆617Updated last month
• google / fuzztest
  ☆840Updated this week
• analysis-tools-dev / dynamic-analysis
  ⚙️ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.
  ☆1,005Updated last month
• google / fuzzbench
  FuzzBench - Fuzzer benchmarking as a service.
  ☆1,145Updated 3 months ago
• hardik05 / Damn_Vulnerable_C_Program
  An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.
  ☆694Updated 7 months ago
• fkie-cad / cwe_checker
  cwe_checker finds vulnerable patterns in binary executables
  ☆1,223Updated last month
• splintchecker / splint
  Splint - annotation-assisted static program checker
  ☆322Updated 6 months ago
• google / fuzzer-test-suite
  Set of tests for fuzzing engines
  ☆1,446Updated 3 years ago
• googleprojectzero / TinyInst
  A lightweight dynamic instrumentation library
  ☆1,253Updated 2 months ago
• google / centipede
  ☆253Updated 2 years ago
• GJDuck / e9patch
  A powerful static binary rewriting tool
  ☆1,013Updated last month
• Dor1s / libfuzzer-workshop
  Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.
  ☆1,278Updated last year
• eurecom-s3 / symcc
  SymCC: efficient compiler-based symbolic execution
  ☆814Updated 3 weeks ago
• jfoote / exploitable
  The 'exploitable' GDB plugin
  ☆731Updated 2 years ago
• jtpereyda / boofuzz
  A fork and successor of the Sulley Fuzzing Framework
  ☆2,162Updated last week
• denandz / fuzzotron
  A TCP/UDP based network daemon fuzzer
  ☆518Updated last year
• microsoft / sarif-tools
  A set of Python command line tools for working with SARIF files produced by code analysis tools
  ☆111Updated 4 months ago
• Wenzel / checksec.py
  Checksec tool in Python, Rich output. Based on LIEF
  ☆335Updated 2 weeks ago
• microsoft / binskim
  A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
  ☆808Updated this week
• S2E / s2e
  S2E: A platform for multi-path program analysis with selective symbolic execution.
  ☆474Updated 5 months ago
• nimble-code / Cobra
  An interactive (fast) static source code analyzer
  ☆162Updated 2 months ago
• fuzzstati0n / fuzzgoat
  A vulnerable C program for testing fuzzers.
  ☆196Updated 2 years ago
• nccgroup / fuzzowski
  the Network Protocol Fuzzer that we will want to use.
  ☆758Updated last year
• trailofbits / polytracker
  An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.
  ☆565Updated last month
• google / honggfuzz
  Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
  ☆3,188Updated 2 weeks ago