Alternatives and similar repositories for klee

Users that are interested in klee are comparing it to the libraries listed below

• feliam / klee-taint
  KLEE-TAINT - Klee with taint analysis support
  ☆70Updated 7 years ago
• thebabush / reflex
  Flex 'em lexers
  ☆40Updated 4 years ago
• melynx / taintinduce
  TaintInduce is a project which aims to automate the creation of taint propagation rules for unknown instruction sets.
  ☆59Updated 4 years ago
• lifting-bits / fennec
  Rewriting functions in compiled binaries using McSema
  ☆89Updated 5 years ago
• trailofbits / Honeybee
  An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suite
  ☆129Updated 3 years ago
• Cisco-Talos / covnavi
  ☆63Updated 6 years ago
• uxmal / nucleus
  Clone of "Compiler-Agnostic Function Detection in Binaries" source code
  ☆86Updated 3 years ago
• sdasgup3 / validating-binary-decompilation
  Scalable Validator for Binary Lifters
  ☆56Updated 4 years ago
• andreafioraldi / angrdbg
  Abstract library to generate angr states from a debugger state
  ☆60Updated 4 years ago
• s3team / loop
  Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code
  ☆51Updated 9 years ago
• sslab-gatech / perf-fuzz
  ☆96Updated 6 years ago
• toshipiazza / Tigress_angr
  Futile attempt to solve the Tigress challenges using angr
  ☆23Updated 6 years ago
• d-millar / ghidra_pcode_scripts
  a few Ghidra scripts for dumping PCode data
  ☆50Updated 6 years ago
• MarkusTeufelberger / afl-ddmin-mod
  Test case minimizer for afl-fuzz
  ☆26Updated 7 years ago
• zhechkoz / PwIN
  Security Evaluation of Dynamic Binary Instrumentation Engines
  ☆80Updated 6 years ago
• cdisselkoen / pitchfork
  Detecting Spectre vulnerabilities using symbolic execution, built on angr (github.com/angr/angr)
  ☆75Updated 2 years ago
• kc0bfv / pcode-emulator
  A PCode Emulator for Ghidra.
  ☆109Updated 4 years ago
• AFLplusplus / AFL-Snapshot-LKM
  A Linux Kernel Module that implements a fast snapshot mechanism for fuzzing.
  ☆138Updated 3 years ago
• fgsect / JMPscare
  tool for multi-execution jump coverage introspection
  ☆65Updated 4 months ago
• thebabush / nampa
  Nampa - FLIRT for (binary) ninjas
  ☆94Updated 6 months ago
• tum-i4 / macke
  Modular And Compositional analysis with KLEE Engine
  ☆116Updated 5 years ago
• AFLplusplus / StdFuzzer
  StdFuzzer is the reference implementation of a generic bit-level fuzzer with LibAFL
  ☆48Updated 6 months ago
• rizinorg / CutterDRcov
  DynamoRIO coverage visualization for cutter
  ☆61Updated 2 years ago
• quarkslab / whvp
  PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components
  ☆68Updated 3 years ago
• andreafioraldi / idb2gdb
  Load function names from an IDA Pro database inside GDB
  ☆20Updated 6 years ago
• RUB-SysSec / Marx
  Uncovering Class Hierarchies in C++ Programs
  ☆127Updated 2 years ago
• AFLplusplus / LibAFL-legacy
  AFL++ as a library: gives you all the tools necessary to craft the best fuzzer for your targets with ease!
  ☆113Updated 4 years ago
• jordan9001 / dobby2
  Build your emulation environment as needed
  ☆66Updated 4 years ago
• farosato / angr-antievasion
  Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).
  ☆34Updated 7 years ago
• JHUAPL / ALLSTAR
  Assembled Labeled Library for Static Analysis Research - Debian packages built for 6 architectures, storing compiler artifacts, binaries…
  ☆28Updated 4 years ago