google / vanir
Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system. By default, Vanir pulls up-to-date CVEs from Open Source Vulnerabilities (OSV) together with their corresponding signatures so that users can transparently scan missing patches for an up-to-date list of CVEs.
☆17Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for vanir
- A corpus generation tool☆19Updated 3 weeks ago
- This repository contains the tools we used in our research on the Google Titan M chip☆181Updated 2 years ago
- ☆107Updated last year
- ☆37Updated last year
- Linux kernel source tree☆15Updated last week
- Composite GitHub CI Action containing the minimal viable security lint for brave repositories☆17Updated this week
- TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (IEEE S&P 2025)☆52Updated last month
- ☆49Updated 8 months ago
- E²VA short for Exploitation Experience with Vulnerable App is a vulnerable app to learn userspace exploitation on Android☆14Updated last year
- OSS-Fuzz vulnerabilities for OSV.☆133Updated this week
- If I solve a CTF challenge and do a writeup, it goes here.☆10Updated last year
- VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernels subsystem. It is built with LibAFL.☆116Updated 5 months ago
- A collection of resources/tools and analyses for the angr binary analysis framework.☆166Updated 2 years ago
- A Framework for fuzzing USB Drivers by Device Emulation☆112Updated 3 years ago
- Binarly Vulnerability Research Advisories☆168Updated 2 months ago
- A library to facilitate the static analysis of Android apps☆12Updated 3 months ago
- Collection of scripts for reversing Qualcomm Hexagon baseband / modem firmware☆151Updated last year
- A Dolev-Yao-model-guided fuzzer for TLS☆135Updated this week
- CredData is a set of files including credentials in open source projects. CredData includes suspicious lines with manual review results a…�☆31Updated last week
- Mayhem example templates for programming languages and fuzzers that you love!☆27Updated 10 months ago
- This repository wraps the KustoSchemaTools into a CLI tool inside a container. This way it can be used as GitHub Action☆10Updated this week
- GCE Rescue is a command-line tool to boot Google Cloud Platform VMs in Rescue Mode.☆14Updated 11 months ago
- Check linux sources dump for known CVEs.☆127Updated this week
- Fuzzware's main repository. Start here to install.☆309Updated this week
- ☆38Updated this week
- Linux Kernel Fuzzer Corpus☆133Updated this week
- Linux kernel privilege escalation techniques☆113Updated 3 months ago
- Binary Type Inference Ghidra Plugin☆144Updated 9 months ago
- Hook for the PoC for exploiting CVE-2024-32002☆15Updated 6 months ago
- Quarkslab conference talks☆275Updated last week