Alternatives and similar repositories for klee:

Users that are interested in klee are comparing it to the libraries listed below

• lifting-bits / fennec
  Rewriting functions in compiled binaries using McSema
  ☆88Updated 5 years ago
• feliam / klee-taint
  KLEE-TAINT - Klee with taint analysis support
  ☆72Updated 7 years ago
• melynx / taintinduce
  TaintInduce is a project which aims to automate the creation of taint propagation rules for unknown instruction sets.
  ☆58Updated 4 years ago
• thebabush / reflex
  Flex 'em lexers
  ☆39Updated 4 years ago
• Cisco-Talos / covnavi
  ☆63Updated 5 years ago
• jordan9001 / dobby2
  Build your emulation environment as needed
  ☆65Updated 3 years ago
• sdasgup3 / validating-binary-decompilation
  Scalable Validator for Binary Lifters
  ☆54Updated 4 years ago
• uxmal / nucleus
  Clone of "Compiler-Agnostic Function Detection in Binaries" source code
  ☆85Updated 3 years ago
• riverloopsec / hashashin
  Hashashin: A Fuzzy Matching Tool for Binary Ninja
  ☆89Updated last year
• andreafioraldi / angrdbg
  Abstract library to generate angr states from a debugger state
  ☆59Updated 4 years ago
• MozillaSecurity / libfuzzer-python-bridge
  INACTIVE - http://mzl.la/ghe-archive - A Python3 bridge for implementing custom libFuzzer mutators
  ☆74Updated 5 years ago
• quarkslab / whvp
  PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components
  ☆68Updated 3 years ago
• sslab-gatech / perf-fuzz
  ☆96Updated 5 years ago
• trailofbits / Honeybee
  An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suite
  ☆129Updated 3 years ago
• angr / tracer
  Utilities for generating dynamic traces
  ☆90Updated 2 years ago
• bdcht / ccrawl
  clang-based search engine for C/C++ data structures, classes, prototypes & macros
  ☆101Updated 3 months ago
• vanhauser-thc / afl-patches
  Patches to afl to fix bugs or add enhancements
  ☆80Updated 5 years ago
• adrianherrera / afl-mutation-graph
  Recover mutation graph from an AFL seed
  ☆59Updated 4 years ago
• kc0bfv / pcode-emulator
  A PCode Emulator for Ghidra.
  ☆108Updated 4 years ago
• AFLplusplus / StdFuzzer
  StdFuzzer is the reference implementation of a generic bit-level fuzzer with LibAFL
  ☆48Updated 2 months ago
• HexHive / RetroWrite-Tutorial
  ☆38Updated 4 years ago
• tum-i4 / macke
  Modular And Compositional analysis with KLEE Engine
  ☆114Updated 5 years ago
• cdisselkoen / pitchfork
  Detecting Spectre vulnerabilities using symbolic execution, built on angr (github.com/angr/angr)
  ☆75Updated 2 years ago
• s3team / loop
  Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code
  ☆50Updated 9 years ago
• brainsmoke / minemu
  Minemu is a minimal emulator for dynamic taint analysis ( this is a mirror of https://minemu.org/code/minemu.git )
  ☆40Updated 4 years ago
• trailofbits / DomTreSat
  Dominator Tree LLVM Pass to Test Satisfiability
  ☆47Updated 8 years ago
• vusec / typearmor
  Implementation of our S&P16 paper: A Tough Call: Mitigating Advanced Code-Reuse Attacks
  ☆46Updated 7 years ago
• toshipiazza / Tigress_angr
  Futile attempt to solve the Tigress challenges using angr
  ☆22Updated 5 years ago
• season-lab / ropdissector
  A framework for static analysis of ROP exploits and programs
  ☆40Updated 5 years ago
• angr / angr-platforms
  A collection of extensions to angr to handle new platforms
  ☆67Updated 3 weeks ago