klee

KLEE Symbolic Execution Engine (by klee)

Klee Alternatives

Similar projects and alternatives to klee

  • Triton

    - klee VS Triton

    Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code. (by JonathanSalwan)

  • CrossHair

    An analysis tool for Python that blurs the line between testing and type systems.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • bap

    - klee VS bap

    Binary Analysis Platform

  • rust-verification-tools

    Discontinued RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

  • alive2

    Automatic verification of LLVM optimizations

  • iansui

    芫荽,基於 Klee One 改造的學習用台灣繁體字型

  • I.Ming

    I.Ming ( I.明體 / 一点明朝体 / 一點明體 )

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • go-llvm

    Go bindings to a system-installed LLVM. Used as part of TinyGo.

  • source-han-serif

    Source Han Serif | 思源宋体 | 思源宋體 | 思源宋體 香港 | 源ノ明朝 | 본명조

  • Vrmac

    Vrmac Graphics, a cross-platform graphics library for .NET. Supports 3D, 2D, and accelerated video playback. Works on Windows 10 and Raspberry Pi4.

  • Git

    1 klee VS Git

    Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.

  • llvm

    1 klee VS llvm

    Library for interacting with LLVM IR in pure Go. (by llir)

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better klee alternative or higher similarity.

klee reviews and mentions

Posts with mentions or reviews of klee. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-07-29.
  • Go Noob question: How can I output LLVM IR, instrument it and also looking for a symbolic execution engine
    3 projects | /r/golang | 29 Jul 2022
    I also want to use something like KLEE: https://klee.github.io/
  • If people make game engines in C, why do (other) people say C is impossibly hard and can never be correct?
    2 projects | /r/C_Programming | 29 May 2022
    I think that KLEE was quite good at that. See https://klee.github.io/
  • A Saudi woman's iPhone revealed hacking around the world
    2 projects | news.ycombinator.com | 19 Feb 2022
    I think the most critical part the flow is the integer overflow bug, and it is totally avoidable. I am a software engine at Microsoft. Half my time was spent on security and compliance. We have the right tool, right policy to avoid such things happen. However, I'm not saying Microsoft software is free of integer overflow bugs. I don't intend to advertise Microsoft C/C++ development tools here, but they are what I know most.

    Let's go to the technical part: If you are asked to implement the binary algorithm with your favorite programming language, how do you verify your code is correct? Unit-tests. How many test cases you may need? More than 10. As long as you have enough tests, your don't need to worry too much. But how much test coverage is enough? Please remember JDK had a integer overflow bug in their binary search in early 2000s. So, people know the algorithm, but normally people don't know how to test their code, therefore most people can't write bug-free binary search code. And any non-trivial C/C++ function may need tens of thousands test cases. Simply you can't write the tests by hand.

    You need the right tools: fuzzing and static analysis.

    At Microsoft, every file parser should go through fuzzing, which basically is you generate some random input, then you run your tests with the random inputs. Not very fantastic. But there is another kind of fuzzing: symbolic execution, which tries to find all the possible execution paths of your code. If you run symbolic execution with your binary search code, you can get 100% test coverage. And it is guaranteed bug-free. It is like a math proof. Please note the advantage is based on human just had surprising great advancement on SAT solvers in the last 20 years. And often you need to make some compromises between your business goal and security. Most functions can't reach 100% test coverage. You need to simplify them. See https://github.com/klee/klee to get a quickstart. Though C/C++ is often considered unsafe, they have the best fuzzer.

    Then it is about SAL annotation and static analyzer. In C, whenever you pass a pointer of an array to another function, you should also pass its length with it. And in the callee function you should check the length. If you forgot it, your static code analyzer will give you a warning. In such a sense, if you didn't allocate enough memory, it will only result an error code being returned instead of undefined behavior.

    The last thing: Use safeint wrapping your malloc function. https://docs.microsoft.com/en-us/cpp/safeint/safeint-library...

    When we move off the binary search toy example to a real code base, clearly you can see how much extra effort is needed to make the code safe. Please pardon me, most OSS libraries don't have the resource. Many famous OSS projects are "Mom-and-pop" shops. They don't have any compliance rule. They invest very little on fuzzing. So the big companies really should help them. Now you see an integer overflow bug was found in Apple's image render, but was the code written by Apple? Not necessarily. Now we all see the importance of the Open Source movement. It's time to think how to harden their security. For example, even I want to spend my free time on adding SAL annotations to an OSS project I love, would the maintainers accept it?

  • A note from our sponsor - WorkOS
    workos.com | 28 Mar 2024
    The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →

Stats

Basic klee repo stats
4
2,440
8.8
6 days ago
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com