Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc
☆2,959Feb 26, 2026Updated this week
Alternatives and similar repositories for joern
Users that are interested in joern are comparing it to the libraries listed below
Sorting:
- Code Property Graph: specification, query language, and utilities☆564Updated this week
- A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.☆413Updated this week
- An easy-to-learn/use static analysis framework for Java☆1,765Feb 16, 2026Updated 2 weeks ago
- 《深入理解CodeQL》Finding vulnerabilities with CodeQL.☆1,757Nov 21, 2023Updated 2 years ago
- A CAT called tabby ( Code Analysis Tool )☆1,637Jan 17, 2026Updated last month
- Static Value-Flow Analysis Framework for Source Code☆1,652Feb 23, 2026Updated last week
- BinAbsInspector: Vulnerability Scanner for Binaries☆1,670Jun 17, 2024Updated last year
- A robust parser for C/C++ storing abstract syntax trees, control flow graphs and program dependence graphs in a neo4j graph database.☆555May 10, 2019Updated 6 years ago
- cwe_checker finds vulnerable patterns in binary executables☆1,324Apr 10, 2025Updated 10 months ago
- Getting started with static program analysis. 静态程序分析入门教程。☆1,766Mar 20, 2024Updated last year
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆345Jan 6, 2024Updated 2 years ago
- Framework for Automating Fuzzable Target Discovery with Static Analysis.☆548Feb 1, 2024Updated 2 years ago
- Recent Fuzzing Paper☆2,737Nov 4, 2025Updated 3 months ago
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security☆9,267Updated this week
- Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android☆1,293Jan 13, 2026Updated last month
- Code Property Graph (CPG) frontend for binary applications and libraries.☆95Oct 28, 2021Updated 4 years ago
- A LLVM-based static analysis framework.☆1,035Updated this week
- weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…☆2,481Jul 12, 2024Updated last year
- The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power…☆6,326Updated this week
- Coverage-guided, in-process fuzzing for the JVM☆1,199Updated this week
- Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_st…☆2,496Feb 10, 2026Updated 2 weeks ago
- A powerful static binary rewriting tool☆1,089Feb 15, 2026Updated 2 weeks ago
- A True Instrumentable Binary Emulation Framework☆5,827Nov 5, 2025Updated 3 months ago
- SymCC: efficient compiler-based symbolic execution☆856May 12, 2025Updated 9 months ago
- Soot - A Java optimization framework☆3,072Feb 23, 2026Updated last week
- RetroWrite -- Retrofitting compiler passes through binary rewriting☆736Apr 26, 2025Updated 10 months ago
- ShiftLeft OverflowDB☆134May 22, 2025Updated 9 months ago
- Resources related to GitHub Security Lab☆1,587Dec 2, 2025Updated 3 months ago
- Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free…☆1,846Feb 25, 2025Updated last year
- A JavaScript Engine Fuzzer☆2,152Updated this week
- 一些阅读源码和Fuzzing 的经验,涵盖黑盒与白盒测试..☆1,075Aug 24, 2021Updated 4 years ago
- A lightweight dynamic instrumentation library☆1,308Apr 1, 2025Updated 11 months ago
- wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kerne…☆1,726Jan 2, 2026Updated 2 months ago
- An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.☆588Feb 20, 2026Updated last week
- ☆350Oct 24, 2024Updated last year
- A new version of Soot with a completely overhauled architecture☆774Updated this week
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,079Jun 15, 2021Updated 4 years ago
- AFLNet: A Greybox Fuzzer for Network Protocols (https://thuanpv.github.io/publications/AFLNet_ICST20.pdf)☆989May 26, 2025Updated 9 months ago
- Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software v…☆4,070Dec 2, 2025Updated 3 months ago