Alternatives and similar repositories for klee

Users that are interested in klee are comparing it to the libraries listed below

• lifting-bits / fennec
  Rewriting functions in compiled binaries using McSema
  ☆91Updated 6 years ago
• bdcht / ccrawl
  clang-based search engine for C/C++ data structures, classes, prototypes & macros
  ☆103Updated 3 months ago
• trailofbits / Honeybee
  An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suite
  ☆131Updated 3 years ago
• uxmal / nucleus
  Clone of "Compiler-Agnostic Function Detection in Binaries" source code
  ☆86Updated 4 years ago
• ucsb-seclab / sasi
  Signedness-Agnostic Strided-Interval
  ☆38Updated 6 years ago
• feliam / klee-taint
  KLEE-TAINT - Klee with taint analysis support
  ☆70Updated 8 years ago
• andreafioraldi / angrdbg
  Abstract library to generate angr states from a debugger state
  ☆61Updated 5 years ago
• LL-MM / approxis-groundtruth
  ☆31Updated 5 years ago
• rizinorg / CutterDRcov
  DynamoRIO coverage visualization for cutter
  ☆61Updated 3 years ago
• RUB-SysSec / Marx
  Uncovering Class Hierarchies in C++ Programs
  ☆127Updated 3 years ago
• quarkslab / whvp
  PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components
  ☆68Updated 4 years ago
• melynx / taintinduce
  TaintInduce is a project which aims to automate the creation of taint propagation rules for unknown instruction sets.
  ☆59Updated 4 years ago
• fgsect / JMPscare
  tool for multi-execution jump coverage introspection
  ☆66Updated 9 months ago
• sdasgup3 / validating-binary-decompilation
  Scalable Validator for Binary Lifters
  ☆57Updated 5 years ago
• jordan9001 / dobby2
  Build your emulation environment as needed
  ☆66Updated 4 years ago
• quarkslab / sspam
  Symbolic Simplification with PAttern Matching
  ☆108Updated 8 years ago
• kc0bfv / pcode-emulator
  A PCode Emulator for Ghidra.
  ☆110Updated 4 years ago
• yellowbyte / opaque-predicates-detective
  An approach to detect opaque predicates by identifying the damage caused by the obfuscation.
  ☆31Updated 4 years ago
• cdisselkoen / pitchfork
  Detecting Spectre vulnerabilities using symbolic execution, built on angr (github.com/angr/angr)
  ☆76Updated 3 years ago
• edmcman / ghidra-scala-loader
  An extension to load Ghidra scripts written in Scala
  ☆30Updated 2 months ago
• atos-tools / qemu-plugins-tutorial
  Tutorial to write qemu plugins
  ☆34Updated 8 years ago
• zhechkoz / PwIN
  Security Evaluation of Dynamic Binary Instrumentation Engines
  ☆80Updated 7 years ago
• riverloopsec / hashashin
  Hashashin: A Fuzzy Matching Tool for Binary Ninja
  ☆94Updated 2 years ago
• RolfRolles / SMTSample
  Course sample for SMT-Based Binary Program Analysis training class
  ☆32Updated 7 years ago
• toshipiazza / Tigress_angr
  Futile attempt to solve the Tigress challenges using angr
  ☆22Updated 6 years ago
• vanhauser-thc / afl-dyninst
  American Fuzzy Lop + Dyninst == AFL Fuzzing blackbox binaries
  ☆74Updated 4 years ago
• angr / archr
  Target-centric program analysis.
  ☆78Updated 3 weeks ago
• sslab-gatech / perf-fuzz
  ☆96Updated 6 years ago
• s3team / loop
  Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code
  ☆51Updated 9 years ago
• eqv / aflq_fast_cov
  A fast binary coverage measurement tool based on AFL's Qemu mode
  ☆33Updated 4 years ago