Alternatives and similar repositories for scudo_research

Users that are interested in scudo_research are comparing it to the libraries listed below

• google / binja-hexagon
  ☆116Updated last year
• WorksButNotTested / lightkeeper
  ☆70Updated 10 months ago
• nowsecure / radius2
  radius is a fast binary emulation and symbolic execution framework using radare2
  ☆47Updated 3 years ago
• srlabs / hexagon_fuzz
  A fuzzing framework for Hexagon baseband firmware using QEMU system emulation.
  ☆125Updated 3 months ago
• farazsth98 / virtualbox-qemu-vuln-research-notes
  Vulnerability research notes for VirtualBox and QEMU. Contains debug environment setup notes, a PoC template, exploit primitive notes, an…
  ☆196Updated last year
• 0xdea / weggli-patterns
  A collection of my weggli patterns to facilitate vulnerability research.
  ☆154Updated 2 weeks ago
• icicle-emu / icicle
  ☆188Updated 2 years ago
• marcograss / rbasefind
  A firmware base address search tool.
  ☆47Updated last year
• radareorg / esilsolve
  A python symbolic execution framework using radare2's ESIL (Evaluable String Intermediate Language)
  ☆165Updated 3 years ago
• quic / AFLTriage
  ☆136Updated 3 years ago
• HexHive / scudo-exploitation
  ☆52Updated last year
• seal9055 / sfuzz
  High performance fuzzing using riscv to x86 binary translations and modern fuzzing techniques
  ☆154Updated last year
• grant-h / ShannonEE
  FirmWire has replaced ShannonEE. OLD: A dynamic analysis environment for Samsung's Shannon baseband.
  ☆43Updated 3 years ago
• Impalabs / hyperpom
  AArch64 fuzzer based on the Apple Silicon hypervisor
  ☆196Updated 2 years ago
• nccgroup / libslub
  ☆189Updated 11 months ago
• grant-h / ShannonFirmware
  Samples of Shannon baseband firmware for research purposes.
  ☆46Updated 4 years ago
• vul337 / KextFuzz
  Code of KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting Mitigations (USENIX Security'23)
  ☆87Updated 2 years ago
• pietroborrello / RopDaemon
  A fast, multithreaded, ROP-gadget semantics analyzer.
  ☆51Updated 4 years ago
• quarkslab / tritondse
  Triton-based DSE library with loading and exploration capabilities (and more!)
  ☆135Updated last month
• Agnoctopus / Tartiflette
  Snapshot fuzzing with KVM and LibAFL
  ☆96Updated 3 years ago
• galli-leo / emmutaler
  A set of tools for fuzzing SecureROM. Managed to find and trigger checkm8.
  ☆163Updated 4 years ago
• fgsect / BaseSAFE
  Emulation and Feedback Fuzzing of Firmware with Memory Sanitization
  ☆164Updated 4 years ago
• Cisco-Talos / snap_wtf_macos
  WTF Snapshot fuzzing of macOS targets
  ☆99Updated last year
• airbus-cyber / afl_ghidra_emu
  ☆188Updated 9 months ago
• alexander-pick / shannon_modem_loader
  Exynos Modem / Shannon baseband firmware loader for IDA Pro 8.x/9.x
  ☆78Updated last year
• mahaloz / sailr-eval
  The SAILR paper's evaluation pipline for measuring the quality of decompilation
  ☆117Updated last year
• pjlantz / optee-qemu
  Environment with vulnerable kernel for exploitation of the TEE driver (CVE-2021-44733)
  ☆76Updated 4 years ago
• grimm-co / GEARSHIFT
  ☆136Updated 4 years ago
• JonathanSalwan / ttexplore
  TTexplore is a library that performs path exploration on binary code using symbolic execution
  ☆81Updated 3 years ago
• ant4g0nist / ManuFuzzer
  Binary code-coverage fuzzer for macOS, based on libFuzzer and LLVM
  ☆177Updated 7 months ago