Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with program-analysis

A curated list of projects in awesome lists tagged with program-analysis .

https://github.com/consensysdiligence/mythril

Mythril is a symbolic-execution-based securty analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum and other EVM-compatible blockchains.

blockchain ethereum program-analysis security security-analysis smart-contracts solidity symbolic-execution

Last synced: 13 May 2025

https://github.com/ConsenSys/mythril-classic

Mythril is a symbolic-execution-based securty analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum and other EVM-compatible blockchains.

blockchain ethereum program-analysis security security-analysis smart-contracts solidity symbolic-execution

Last synced: 07 May 2025

https://github.com/ConsenSysDiligence/mythril

Mythril is a symbolic-execution-based securty analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum and other EVM-compatible blockchains.

blockchain ethereum program-analysis security security-analysis smart-contracts solidity symbolic-execution

Last synced: 30 Mar 2025

https://github.com/ConsenSys/mythril

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.

blockchain ethereum program-analysis security security-analysis smart-contracts solidity symbolic-execution

Last synced: 15 Mar 2025

https://github.com/consensys/mythril

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.

blockchain ethereum program-analysis security security-analysis smart-contracts solidity symbolic-execution

Last synced: 25 Mar 2025

https://github.com/jonathansalwan/triton

Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.

binary-analysis binary-translation deobfuscation dynamic-analysis emulator instruction-semantics lifter program-analysis reverse-engineering symbolic-execution taint-analysis

Last synced: 12 May 2025

https://github.com/JonathanSalwan/Triton

Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.

binary-analysis binary-translation deobfuscation dynamic-analysis emulator instruction-semantics lifter program-analysis reverse-engineering symbolic-execution taint-analysis

Last synced: 12 Mar 2025

https://github.com/nasa-sw-vnv/ikos

Static analyzer for C/C++ based on the theory of Abstract Interpretation.

abstract-interpretation program-analysis software-verification static-analysis

Last synced: 14 May 2025

https://github.com/rizinorg/rizin

UNIX-like reverse engineering framework and command-line toolset.

debugging exploitation program-analysis reverse-engineering security

Last synced: 12 May 2025

https://github.com/google/bindiff

Quickly find differences and similarities in disassembled code

bindiff binexport c-plus-plus diffing ida-plugin ida-pro java program-analysis program-differencing reverse-engineering vxsig

Last synced: 14 May 2025

https://github.com/NASA-SW-VnV/ikos

Static analyzer for C/C++ based on the theory of Abstract Interpretation.

abstract-interpretation program-analysis software-verification static-analysis

Last synced: 17 Apr 2025

https://github.com/jar-analyzer/jar-analyzer

Jar Analyzer - 一个JAR包分析工具,批量分析,SCA漏洞分析,方法调用关系搜索,字符串搜索,Spring组件分析,信息泄露检查,CFG程序分析,JVM栈帧分析,进阶表达式搜索,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码,一键分析BCEL字节码

bytecode jar java-asm java-bytecode java-debugger java-decompiler java-gui java-security java-vulnerability program-analysis static-analysis vulnerability web-vulnerability

Last synced: 04 Apr 2025

https://github.com/jonathansalwan/vmprotect-devirtualization

Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.

deobfuscation llvm-ir program-analysis symbolic-execution vmprotect

Last synced: 13 Apr 2025

https://github.com/JonathanSalwan/VMProtect-devirtualization

Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.

deobfuscation llvm-ir program-analysis symbolic-execution vmprotect

Last synced: 13 Apr 2025

https://github.com/pascal-lab/tai-e-assignments

Tai-e assignments for static program analysis

education java program-analysis static-analysis

Last synced: 16 May 2025

https://github.com/angr/angr-management

The official angr GUI.

angr hacktoberfest program-analysis

Last synced: 14 May 2025

https://github.com/jar-analyzer/jar-analyzer-v1-gui

建议使用新版:https://github.com/jar-analyzer/jar-analyzer

java-decompiler program-analysis static-analysis

Last synced: 25 Aug 2025

https://github.com/semgrep/semgrep-rules

Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.

grep-like program-analysis security security-scanner semgrep semgrep-registry semgrep-rules static-analysis

Last synced: 14 May 2025

https://github.com/wala/WALA

T.J. Watson Libraries for Analysis, with frontends for Java, Android, and JavaScript, and may common static program analyses

android callgraph dataflow-analysis java javascript pointer-analysis program-analysis slicing static-analysis static-code-analysis

Last synced: 09 Jul 2025

https://github.com/soot-oss/SootUp

A new version of Soot with a completely overhauled architecture

android bytecode call-graph dataflow-analysis java jimple program-analysis soot static-analysis static-code-analysis

Last synced: 27 Feb 2025

https://github.com/falconre/falcon

Binary Analysis Framework in Rust

binary-analysis data-flow-analysis program-analysis rust

Last synced: 12 Dec 2025

https://github.com/mohitmishra786/reversingbits

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse engineers, and low-level programmers.

assembly binary-analysis binary-exploitation ctf-tools cybersecurity cybersecurity-tools debugging disassembly dynamic-analysis malware-analysis penetration-testing program-analysis reverse-engineering reversing security-tools static-analysis system-security vulnerability-research x86-64 x86-assembly

Last synced: 08 Apr 2025

https://github.com/enzet/symbolic-execution

History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)

concolic concolic-execution dynamic-analysis dynamic-symbolic-execution history program-analysis solving symbolic-execution timeline

Last synced: 05 Apr 2025

https://github.com/github/codeql-go

The CodeQL extractor and libraries for Go.

codeql datalog go golang program-analysis static-analysis

Last synced: 04 Oct 2025

https://github.com/trailofbits/vast

VAST is an experimental compiler pipeline designed for program analysis of C and C++. It provides a tower of IRs as MLIR dialects to choose the best fit representations for a program analysis or further program abstraction.

c clang compiler-frontend compilers cpp intermediate-representation mlir program-analysis

Last synced: 05 Apr 2025

https://github.com/vitsalis/PyCG

Static Python call graph generator

call-graphs callgraph program-analysis pycg python static-analysis

Last synced: 15 Mar 2025

https://github.com/seahorn/clam

Static Analyzer for LLVM bitcode based on Abstract Interpretation. **Update**: clam is still actively maintained. Please use branch dev14.

abstract-interpretation invariants llvm program-analysis software-verification static-analysis

Last synced: 06 Apr 2025

https://github.com/seahorn/crab

A library for building abstract interpretation-based analyses. **Update**: crab is still actively maintained. Please use branch dev.

abstract-interpretation invariants program-analysis static-analysis verification

Last synced: 16 May 2025

https://github.com/trailofbits/siderophile

Find the ideal fuzz targets in a Rust codebase

fuzzing program-analysis rust security-testing

Last synced: 06 Oct 2025

https://github.com/exposejs/expose

A Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and supports symbolic modelling of strings and regular expressions.

bug-fixing javascript program-analysis programming-languages software-testing symbolic-execution unit-testing

Last synced: 13 May 2025

https://github.com/fugue-re/fugue-core

A binary analysis framework written in Rust.

binary-analysis disassembly lifting program-analysis reverse-engineering

Last synced: 22 Jul 2025

https://github.com/galoisinc/cclyzerpp

cclyzer++ is a precise and scalable pointer analysis for LLVM code.

datalog llvm pointer-analysis program-analysis souffle static-analysis

Last synced: 03 Jul 2025

https://github.com/liuml07/giri

Dynamic Program Slicing in LLVM Compiler

compilers instrumentation llvm program-analysis research-project

Last synced: 08 Oct 2025

https://github.com/mingyuan-xia/PATDroid

A Program Analysis Toolkit for Android

android apk bytecode dalvik program-analysis

Last synced: 26 Mar 2025

https://github.com/galoisinc/grease

CLI tool, Ghidra plug-in, and Haskell library for analyzing binaries using under-constrained symbolic execution

binary-analysis ghidra-plugin haskell haskell-library program-analysis symbolic-execution under-constrained-symbolic-execution

Last synced: 01 Jul 2025

https://github.com/mingyuan-xia/patdroid

A Program Analysis Toolkit for Android

android apk bytecode dalvik program-analysis

Last synced: 17 Mar 2025

https://github.com/pfalcon/scratchablock

Yet another crippled decompiler project

data-flow-analysis decompiler program-analysis reverse-engineering

Last synced: 28 Aug 2025

https://github.com/trailofbits/vendetect

A tool to automatically detect copy+pasted and vendored code between repositories

plagiarism-detection program-analysis sbom sbom-tool

Last synced: 14 Dec 2025

https://github.com/nus-apr/cerberus

Research Acceleration Platform that provides interface to multiple state-of-the-art program analysis tools including but not limited to fuzzing, static analysis and program repair.

benchmarking-platform continuous-integration program-analysis program-repair research-acceleration software-fuzzing

Last synced: 06 Apr 2025

https://github.com/galoisinc/yapall

A precise and scalable pointer analysis for LLVM, written in Ascent

datalog llvm pointer-analysis program-analysis static-analysis

Last synced: 03 Jul 2025

https://github.com/sdasgup3/binary-decompilation

Extracting high level semantic information from binary code

binary-analysis kframework llvm-bitcode program-analysis semantics symbolic-execution x86 x86-64

Last synced: 06 Oct 2025

https://github.com/yugr/sortcheck

Tool for detecting violations of ordering axioms in qsort/bsearch callbacks.

dynamic-analysis program-analysis qsort runtime-verification

Last synced: 03 Oct 2025

https://github.com/skius/progge.rs

Program analysis playground for a simple, imperative language

abstract-interpretation compiler llvm program-analysis programming-language static-analysis type-checking

Last synced: 28 Jun 2025

https://github.com/koukyosyumei/gymbo

gradient-based symbolic execution engine implemented from scratch

debugging dpll dpll-solver gradient-descent neural-network program-analysis smt-solver static-analysis symbolic-execution

Last synced: 09 Oct 2025

https://github.com/danhper/evm-analyzer

Code for Smart Contract Vulnerabilities: Vulnerable Does Not Imply Exploited

blockchain ethereum program-analysis smart-contracts

Last synced: 13 Apr 2025

https://github.com/lifting-bits/patchestry

Patchestry is a binary patching framework built with MLIR and Ghidra.

c cpp decompilation ghidra-scripts mlir program-analysis

Last synced: 26 Jul 2025

https://github.com/yugr/sighandlercheck

Proof-of-concept tool for checking signal handlers for reentrancy issues.

dynamic-analysis program-analysis reentrancy runtime-verification signal signal-handler

Last synced: 08 Aug 2025

https://github.com/nus-apr/crashrepair

Security Vulnerability Repair via Concolic Execution and Code Mutations

program-analysis program-repair security-vulnerability

Last synced: 12 Apr 2025

https://github.com/yugr/sortcheckxx

Tool for detecting violations of ordering axioms in STL comparators

dynamic-analysis program-analysis qsort

Last synced: 11 Apr 2025

https://github.com/sri-csl/bixie

Inconsistent code detection for Java.

inconsistency java program-analysis static-analysis static-analyzer

Last synced: 07 Apr 2025

https://github.com/formalsec/wasp

WASP was superseded by: https://github.com/OCamlPro/owi

c program-analysis symbolic-execution testing webassembly

Last synced: 08 Nov 2025

https://github.com/bliutech/taintmonkey

GSET 2025. Repository for "TaintMonkey: Dynamic Taint Analysis of Python Web Applications Using Monkey Patching". A Pytest plugin incorporating fuzzing and taint analysis to uncover security vulnerabilities in Flask web applications.

dynamic-analysis flask fuzzing monkey-patching program-analysis pytest taint-analysis

Last synced: 12 Aug 2025

https://github.com/PKU-ASAL/WASEM

WASEM - a general symbolic execution framework for WebAssembly (WASM) binaries

program-analysis symbolic-execution vulnerability-detection webassembly

Last synced: 20 Apr 2025

https://github.com/antgroup/yasa-engine

YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, designed to support multiple programming languages. Built on top of UAST, YASA provides a highly accurate static analysis framework.

antgroup program-analysis security taint-analysis

Last synced: 14 Sep 2025

https://github.com/yugr/dirtyframe

A prototype tool to provoke uninitilized data errors by filling stack frames with garbage in prologue

buffer-overflow dynamic-analysis program-analysis runtime-verification

Last synced: 11 Apr 2025

https://github.com/yegor256/ppa

Practical Program Analysis (academic course) presented in Innopolis University in 2023

course formal-grammar formal-semantics latex lecture-notes program-analysis programming-language

Last synced: 27 Mar 2025

https://github.com/vprlab/somo

A specialized tool for smart contract modifier analysis based on the Modifier Dependency Graph (MDG)

modifier program-analysis security-tools slither smart-contracts solidity static-analyzer taint-analysis

Last synced: 20 Jun 2025

https://github.com/skyleaworlder/paper-reading

:page_with_curl: 论文阅读记录 (Software Engineering - Program Analysis & Testing & Verification)

program-analysis software-engineering software-testing verification

Last synced: 05 Mar 2025

https://github.com/yugr/dirtypad

Clang plugin which fills structure pads to provoke buffer overflow errors

buffer-overflow dynamic-analysis llvm program-analysis runtime-verification

Last synced: 11 Apr 2025

https://github.com/yugr/debian_pkg_test

Scripts to apply code analyzers to Debian packages.

debian dynamic-analysis pbuilder program-analysis runtime-verification

Last synced: 11 Apr 2025

https://github.com/euske/fgyama

Static source code analyzer that extracts an interprocedural dataflow graph from Java source code.

dataflow-analysis program-analysis software-engineering source-code-analysis

Last synced: 24 Dec 2025

https://github.com/rshariffdeen/hercule

An inter-package analysis techinque for supply chain protection, that combines three analyses to identify malicious packages with high precision and high recall

malware-detection program-analysis supply-chain supply-chain-security

Last synced: 12 Apr 2025