An analysis tool for Python that blurs the line between testing and type systems.

Blazing Fast Bytecode-Level Hybrid Fuzzer for Smart Contracts

QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)

WebAssembly Swissknife & cross-language bugfinder

OSS-Sydr-Fuzz - OSS-Fuzz fork for hybrid fuzzing (fuzzer+DSE) open source software.

fuzzing + concolic = fuzzolic :)

The exploit generator CRAX++ is CRAX with a plugin system, s2e 2.0 upgrade, dynamic ROP, code selection, and I/O states (HITCON 2022)

SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SCDG). Those SCDGs can be exploited in machine learning modules to do classification/detection.

Build your emulation environment as needed

CRETE under development

CPR: A new automated program repair technique based on concolic execution which works on patch abstraction with the sub-optimal goal of refining the patch to less over-fit the initial test cases.

模糊器与符号测试结合的漏洞挖掘系统（fuzzer, concolic-execution）

A concolic testing engine for RISC-V embedded software with support for SystemC peripherals

Sydr benchmark applications

An approximate solver for concolic execution

SymFusion: Hybrid Instrumentation for Concolic Execution

A prototype of Concolic Testing engine for SystemVerilog, developed as part of PFN summer internship 2018.

Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)