Alternatives and similar repositories for qemu

Users that are interested in qemu are comparing it to the libraries listed below

• atos-tools / qemu-plugins-tutorial
  Tutorial to write qemu plugins
  ☆34Updated 8 years ago
• vanhauser-thc / dynTaintTracer
  a taint tracer based on DynamoRIO, currently ARM only
  ☆40Updated 5 years ago
• S2E / s2e-linux-kernel
  Linux kernels (CGC DECREE and vanilla) with S2E extensions
  ☆24Updated last year
• trailofbits / vast-checker
  ☆27Updated 2 years ago
• risicle / cpytraceafl
  CPython bytecode instrumentation and forkserver tools for fuzzing pure python and mixed python/c code using AFL
  ☆31Updated 4 years ago
• ucsb-seclab / sasi
  Signedness-Agnostic Strided-Interval
  ☆38Updated 6 years ago
• atrosinenko / kbdysch
  A collection of user-space Linux kernel specific guided fuzzers based on LKL
  ☆81Updated 3 months ago
• AFLplusplus / qemuafl
  This fork of QEMU enables fuzzing userspace ELF binaries under AFL++.
  ☆85Updated last week
• tum-i4 / munch
  Greybox fuzzer for optimizing function coverage and finding low-level vulnerabilities in C programs
  ☆38Updated 6 years ago
• seclab-ucr / IncreLux
  Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel
  ☆31Updated 3 years ago
• vessial / baseband
  baseband security research
  ☆85Updated 4 years ago
• HexHive / HexVASAN
  ☆17Updated 6 years ago
• AFLplusplus / unicornafl
  AFL bindings for Unicorn-Engine
  ☆85Updated last week
• scotty-kdw / ARM-Analyzer
  Backward Taint Analysis (GUI) on Desktop : Analyzing trace log to determine exploitability by tracking data propagation
  ☆48Updated 8 years ago
• projectbtle / argXtract
  Tool to trace ARM Cortex-M assembly instructions and extract arguments to configuration APIs (supervisor calls or function calls).
  ☆31Updated 3 years ago
• HexHive / mitiGate
  Benchmark to test different stop the exploit mitigations
  ☆18Updated 6 years ago
• bajinsheng / ReZZan
  ☆39Updated 3 years ago
• Samsung / afl_cc
  Fuzzing with controlled compilation
  ☆30Updated 2 years ago
• niklasb / dump-seccomp
  GDB plugin to dump SECCOMP rules set via prctnl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER)
  ☆22Updated 9 years ago
• junxzm1990 / afl-pt
  ☆53Updated 6 years ago
• seclab-ucr / KOOBE
  Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
  ☆89Updated last year
• datadancer / HIAFuzz
  Hybrid Interface Aware Fuzz for Android Kernel Drivers
  ☆30Updated 4 years ago
• seclab-yonsei / intriguer
  Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing
  ☆34Updated last year
• FoRTE-Research / FoRTE-FuzzBench
  FoRTE-Research's fuzzing benchmarks
  ☆57Updated 6 years ago
• puppykitten / tbase
  trustonic tbase research
  ☆32Updated 7 years ago
• eqv / aflq_fast_cov
  A fast binary coverage measurement tool based on AFL's Qemu mode
  ☆33Updated 4 years ago
• ShiftLeftSecurity / llvm2cpg
  LLVM meets Code Property Graphs
  ☆94Updated 4 years ago
• Learner0x5a / DataFlowAnalysis-miasm
  Generate data-flow graph and def-use graph for a function based on miasm and IDA Pro.
  ☆20Updated 3 years ago
• MCUSec / microAFL
  ☆47Updated 3 years ago
• patchloc / VulnLoc
  ☆12Updated 4 years ago