dynamic-analysis

Top 23 dynamic-analysis Open-Source Projects

dynamic-analysis
  1. x64dbg

    An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

    Project mention: Debugging bugs in x64dbg debugger. Step out to GUI | dev.to | 2024-11-19

    Several months have passed since the last part was posted. Maintainers of x64dbg have continued to improve its functionality. They also opened a task to update the development tools. So in this post, we will continue the analysis based on commit f518e50 code and, where possible, we'll compare it with the commit 9785d1a, which is accurate at the time of writing.

  2. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  3. Mobile-Security-Framework-MobSF

    Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

  4. trufflehog

    Find, verify, and analyze leaked credentials

    Project mention: Scan secret using trufflehog | dev.to | 2024-11-12

    Trufflehog is a tool that can scan multiple sources (filesystem, git, have a pre commit hook, Postman), integrate in CI / Docker environment, etc... .

  5. awesome-malware-analysis

    Defund the Police.

  6. owasp-mastg

    The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

    Project mention: The Case for Standards in Mobile App Security | dev.to | 2024-07-31

    The OWASP Mobile Application Security (MAS) flagship project provides a robust security standard for mobile apps, known as the OWASP MASVS, along with a comprehensive testing guide (OWASP MASTG). These resources cover the processes, techniques, and tools used during a mobile app security test, ensuring consistent and complete results.

  7. MobileApp-Pentest-Cheatsheet

    The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

  8. Triton

    Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code. (by JonathanSalwan)

    Project mention: KLEE Symbolic Execution Engine | news.ycombinator.com | 2024-08-27
  9. awesome-frida

    Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)

  10. binsider

    Analyze ELF binaries like a boss πŸ˜ΌπŸ•΅οΈβ€β™‚οΈ

    Project mention: Binsider – Analyze binaries without leaving the terminal | news.ycombinator.com | 2024-09-30
  11. panda

    Platform for Architecture-Neutral Dynamic Analysis (by panda-re)

    Project mention: Deterministic Replay of QEMU Emulation | news.ycombinator.com | 2024-08-29

    Indeed, the tooling is the problem. And I wouldn't hold my breath to see this tooling being implemented, as the feature has been around for quite a bit.

    IMHO, PANDA [1] remains a better/more practical choice for whole-system record/replay analysis. It already offers quite a bit of tooling (including a python interface), as well as hooks to build your own. It does have its own shortcomings (speed and not being in-sync with the latest QEMU), but at least you're not limited to gdb-based debugging.

    [1] https://panda.re/

  12. frida-snippets

    Hand-crafted Frida examples

  13. bap

    Binary Analysis Platform

  14. mutant

    Automated code reviews via mutation testing - semantic code coverage.

  15. awesome-symbolic-execution

    A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.

  16. CrossHair

    An analysis tool for Python that blurs the line between testing and type systems.

    Project mention: CrossHair: Analysis [Python] that blurs the line between testing and [types] | news.ycombinator.com | 2024-12-24
  17. dynamic-analysis

    βš™οΈ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.

  18. fsmon

    monitor filesystem on iOS / OS X / Android / FirefoxOS / Linux

  19. enlightn

    Your performance & security consultant, an artisan command away.

    Project mention: Laravel code-quality tools | dev.to | 2024-02-08

    Enlightn scans your code to check whether it follows best practices in performance, security, and reliability. It's a paid tool, but it also has free checks you can use. At the time of writing, it has 64 checks in the free version and 128 checks in the paid version. For the purposes of this article, we'll only be using the free version.

  20. packj

    Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

    Project mention: A Study of Malware Prevention in Linux Distributions | news.ycombinator.com | 2024-11-21

    Good to see Packj[1] as one of the malware scanners used.

    1. https://github.com/ossillate-inc/packj

    Packj detects malicious PyPI/NPM/Ruby/PHP/etc. dependencies using behavioral analysis. It uses static+dynamic code analysis to scan for indicators of compromise (e.g., spawning of shell, use of SSH keys, network communication, use of decode+eval, etc). It also checks for several metadata attributes to detect bad actors (e.g., typo squatting).

  21. debugoff

    Linux anti-debugging and anti-analysis rust library

  22. casr

    Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity.

  23. sandworm-guard-js

    Easy auditing & sandboxing for your JavaScript dependencies πŸͺ±

  24. allsafe

    Intentionally vulnerable Android application.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

dynamic-analysis discussion

Log in or Post with

dynamic-analysis related posts

  • New 34 GitHub Repositories - OpenSource of Dec 21, 2024

    1 project | dev.to | 22 Dec 2024
  • Platform for Architecture-Neutral Dynamic Analysis (Panda)

    1 project | news.ycombinator.com | 11 Mar 2024
  • Hacking & Gaming :)

    1 project | /r/hacking | 17 Apr 2023
  • casr: Collect crash reports, triage, and estimate severity - estimates the security implications from native crash dumps

    1 project | /r/blueteamsec | 8 Apr 2023
  • Preventing Installing Composer Dependencies with Known Security Vulnerabilities

    2 projects | dev.to | 11 Jan 2023
  • Mass Assignment Vulnerabilities and Validation in Laravel

    1 project | dev.to | 23 Nov 2022
  • Security Snapshot Testing Inside Your Jest Test Suite

    1 project | /r/cybersecurity | 20 Oct 2022
  • A note from our sponsor - SaaSHub
    www.saashub.com | 26 Jan 2025
    SaaSHub helps you find the best software and product alternatives Learn more β†’

Index

What are some of the best open-source dynamic-analysis projects? This list will help you:

# Project Stars
1 x64dbg 45,251
2 Mobile-Security-Framework-MobSF 17,932
3 trufflehog 17,824
4 awesome-malware-analysis 12,184
5 owasp-mastg 11,913
6 MobileApp-Pentest-Cheatsheet 4,758
7 Triton 3,600
8 awesome-frida 3,127
9 binsider 2,943
10 panda 2,531
11 frida-snippets 2,337
12 bap 2,092
13 mutant 1,959
14 awesome-symbolic-execution 1,351
15 CrossHair 1,076
16 dynamic-analysis 967
17 fsmon 925
18 enlightn 926
19 packj 660
20 debugoff 307
21 casr 297
22 sandworm-guard-js 252
23 allsafe 231

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com

Did you know that JavaScript is
the 3rd most popular programming language
based on number of references?