trailofbits/polytracker

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/trailofbits/polytracker)

trailofbits / polytracker

An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.

☆588

Alternatives and similar repositories for polytracker

Users that are interested in polytracker are comparing it to the libraries listed below

Sorting:

eurecom-s3 / symcc
View on GitHub
SymCC: efficient compiler-based symbolic execution
☆862Updated this week
AngoraFuzzer / libdft64
View on GitHub
libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)
☆270Feb 21, 2025Updated last year
secure-software-engineering / phasar
View on GitHub
A LLVM-based static analysis framework.
☆1,036Updated this week
mchalupa / dg
View on GitHub
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
☆524May 21, 2025Updated 9 months ago
HexHive / retrowrite
View on GitHub
RetroWrite -- Retrofitting compiler passes through binary rewriting
☆739Apr 26, 2025Updated 10 months ago
googleprojectzero / TinyInst
View on GitHub
A lightweight dynamic instrumentation library
☆1,328Mar 13, 2026Updated last week
AngoraFuzzer / Angora
View on GitHub
Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic e…
☆955Jul 18, 2022Updated 3 years ago
R-Fuzz / symsan
View on GitHub
A LLVM Sanitizer for Symbolic Tracing
☆235Updated this week
wmkhoo / taintgrind
View on GitHub
A taint-tracking plugin for the Valgrind memory checking tool
☆265May 30, 2025Updated 9 months ago
lifting-bits / anvill
View on GitHub
anvill forges beautiful LLVM bitcode out of raw machine code
☆366Sep 3, 2024Updated last year
GJDuck / e9patch
View on GitHub
A powerful static binary rewriting tool
☆1,097Mar 3, 2026Updated 2 weeks ago
HexHive / magma
View on GitHub
A ground-truth fuzzing benchmark suite based on real programs with real bugs.
☆335Jan 11, 2026Updated 2 months ago
trailofbits / Honeybee
View on GitHub
An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suite
☆132Feb 13, 2022Updated 4 years ago
sslab-gatech / qsym
View on GitHub
QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
☆655Nov 23, 2022Updated 3 years ago
trailofbits / maat
View on GitHub
Open-source symbolic execution framework: https://maat.re
☆648Feb 22, 2026Updated 3 weeks ago
vusec / parmesan
View on GitHub
ParmeSan: Sanitizer-guided Greybox Fuzzing
☆177Apr 19, 2024Updated last year
seahorn / clam
View on GitHub
Static Analyzer for LLVM bitcode based on Abstract Interpretation. **Update**: clam is still actively maintained. Please use branch dev1…
☆287Apr 21, 2024Updated last year
eurecom-s3 / symqemu
View on GitHub
SymQEMU: Compilation-based symbolic execution for binaries
☆371May 5, 2025Updated 10 months ago
staticafi / symbiotic
View on GitHub
Symbiotic is a tool for finding bugs in computer programs based on instrumentation, program slicing and KLEE
☆335Feb 25, 2026Updated 3 weeks ago
andreafioraldi / qasan
View on GitHub
QASan is a custom QEMU 3.1.1 that detects memory errors in the guest using AddressSanitizer.
☆351Jul 30, 2024Updated last year
S2E / s2e
View on GitHub
S2E: A platform for multi-path program analysis with selective symbolic execution.
☆513Feb 15, 2026Updated last month
SVF-tools / SVF
View on GitHub
Static Value-Flow Analysis Framework for Source Code
☆1,655Updated this week
lifting-bits / remill
View on GitHub
Library for lifting machine code to LLVM bitcode
☆1,642Mar 11, 2026Updated last week
googleprojectzero / Jackalope
View on GitHub
Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android
☆1,299Mar 2, 2026Updated 2 weeks ago
GrammaTech / ddisasm
View on GitHub
A fast and accurate disassembler
☆741Jan 23, 2026Updated last month
sdasgup3 / validating-binary-decompilation
View on GitHub
Scalable Validator for Binary Lifters
☆62Jun 28, 2020Updated 5 years ago
HexHive / datAFLow
View on GitHub
A data-flow-guided fuzzer
☆124Aug 19, 2023Updated 2 years ago
PLSysSec / haybale
View on GitHub
Symbolic execution of LLVM IR with an engine written in Rust
☆582Oct 27, 2023Updated 2 years ago
strongcourage / uafuzz
View on GitHub
UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
☆350Sep 25, 2023Updated 2 years ago
intel / kernel-fuzzer-for-xen-project
View on GitHub
Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL
☆475Jul 8, 2024Updated last year
aengelke / instrew
View on GitHub
A high performance LLVM-based dynamic binary instrumentation framework
☆287Jun 7, 2024Updated last year
gryan11 / PGA
View on GitHub
Proximal Gradient Analysis open source release based on our USENIX Security 2021 paper: "Fine Grained Dataflow Analysis with Proximal Gra…
☆32Apr 29, 2021Updated 4 years ago
evanmak / savior-source
View on GitHub
source code for savior fuzzer
☆127Oct 1, 2020Updated 5 years ago
JonathanSalwan / Triton
View on GitHub
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software v…
☆4,098Mar 8, 2026Updated last week
season-lab / fuzzolic
View on GitHub
fuzzing + concolic = fuzzolic :)
☆129Nov 6, 2025Updated 4 months ago
AFLplusplus / AFL-Snapshot-LKM
View on GitHub
A Linux Kernel Module that implements a fast snapshot mechanism for fuzzing.
☆141Aug 17, 2021Updated 4 years ago
nyx-fuzz / libxdc
View on GitHub
The fastest Intel-PT decoder for fuzzing
☆378Feb 2, 2024Updated 2 years ago
AFLplusplus / Grammar-Mutator
View on GitHub
A grammar-based custom mutator for AFL++
☆271Dec 22, 2025Updated 2 months ago
trailofbits / llvm-sanitizer-tutorial
View on GitHub
An LLVM sanitizer tutorial
☆204Jun 1, 2022Updated 3 years ago