program-analysis

Open-source projects categorized as program-analysis
Edit details
Language: + C++ + Python + OCaml + Rust + JavaScript + C + Java + Roff + Solidity + F#
Topics: Static Analysis Security Reverse Engineering symbolic-execution binary-analysis
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

Top 23 program-analysis Open-Source Projects

  • x64dbg

    An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

    • Project mention: we need a 2015E revival. | /r/oldrobloxrevivals | 2023-12-07

  • pyre-check

    Performant type-checking for python.

    • Project mention: Pylyzer – A fast static code analyzer and language server for Python | news.ycombinator.com | 2024-04-11

    Did you come across pyre in your search? MIT license and pretty fast.

    https://github.com/facebook/pyre-check

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • Detect-It-Easy

    Program for determining types of files for Windows, Linux and MacOS.

    • Project mention: E-book piracy - a weird ZIP file | /r/Piracy | 2023-05-17

    If it was me, I'd first run something like DIE on it (I have a few such programs installed)- https://github.com/horsicq/Detect-It-Easy

  • mythril

    Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.

  • manticore

    Symbolic execution tool

  • Triton

    Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code. (by JonathanSalwan)

  • rizin

    UNIX-like reverse engineering framework and command-line toolset.

    • Project mention: Refix: Fast, Debuggable, Reproducible Builds | news.ycombinator.com | 2024-04-02

    Just for the record, for nicer inspection of files with such debug information, including compressed sections, and debuginfod support, Rizin[1] can be used, since starting from the 0.7.0 release[2] all of those were added.

    [1] https://rizin.re

    [2] https://github.com/rizinorg/rizin/releases/tag/v0.7.0

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  • pyt

    A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

  • DIE-engine

    DIE engine

  • ikos

    Static analyzer for C/C++ based on the theory of Abstract Interpretation.

    • Project mention: Static analyzer IKOS 3.2 Released | news.ycombinator.com | 2023-12-28

  • bap

    Binary Analysis Platform

  • bindiff

    Quickly find differences and similarities in disassembled code

    • Project mention: BinDiff is now open source | news.ycombinator.com | 2023-09-29

  • cwe_checker

    cwe_checker finds vulnerable patterns in binary executables

  • VMProtect-devirtualization

    Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.

  • semgrep-rules

    Semgrep rules registry

    • Project mention: Powerful SAST project for Android Application Security | /r/bugbounty | 2023-06-21

    Nice and all, but why not contribute to https://github.com/returntocorp/semgrep-rules ?

  • psychec

    A compiler frontend for the C programming language

  • vast

    VAST is an experimental compiler pipeline designed for program analysis of C and C++. It provides a tower of IRs as MLIR dialects to choose the best fit representations for a program analysis or further program abstraction.

    • Project mention: Print(“lol”) doubled the speed of my Go function | news.ycombinator.com | 2023-08-23

    Most languages target C or LLVM, and C and LLVM have a fundamentally lossy compilation processes.

    To get around this, you'd need a hodge podge of pre compiler directives, or take a completely different approach.

    I found a cool project that uses a "Tower of IRs" that can restablish source to binary provenance, which, seems to me, to be on the right track:

    https://github.com/trailofbits/vast

    I'd definitely like to see the compilation processes be more transparent and easy to work with.

  • crab

    A library for building abstract interpretation-based analyses (by seahorn)

  • siderophile

    Find the ideal fuzz targets in a Rust codebase

  • MATE

    MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs. (by GaloisInc)

  • pastis

    PASTIS: Collaborative Fuzzing Framework

  • Sojobo

    A binary analysis framework

  • cclyzerpp

    cclyzer++ is a precise and scalable pointer analysis for LLVM code.

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

program-analysis related posts

Index

What are some of the best open-source program-analysis projects? This list will help you:

Project Stars
1 x64dbg 43,229
2 pyre-check 6,692
3 Detect-It-Easy 6,598
4 mythril 3,725
5 manticore 3,634
6 Triton 3,303
7 rizin 2,436
8 pyt 2,161
9 DIE-engine 2,112
10 ikos 1,986
11 bap 1,981
12 bindiff 1,884
13 cwe_checker 1,054
14 VMProtect-devirtualization 1,049
15 semgrep-rules 707
16 psychec 496
17 vast 335
18 crab 218
19 siderophile 189
20 MATE 170
21 pastis 147
22 Sojobo 132
23 cclyzerpp 110

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com