17 matches found
Constraint-Guided Multi-Agent Decompilation for Executable Binary Recovery
Decompilation -- recovering source code from compiled binaries -- is essential for security analysis, malware reverse engineering, and legacy software maintenance. However, existing decompilers produce code that often fails to compile or execute correctly, limiting their practical utility. We...
angr (>=9.2.187 <=9.2.214), angr-management (>=9.2.187 <=9.2.214) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)
uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...
angr (>=9.2.187 <=9.2.214), angr-management (>=9.2.187 <=9.2.214) +25 more potentially affected by unknown CVE via uefi-firmware (>=1.11.0 <=1.9.0)
uefi-firmware PYPI version =1.11.0, =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.2.0, =0.1.0, =0.1.5 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-UEFIFIRMWARE-16426807...
angr (>=9.2.187 <=9.2.214), angr-management (>=9.2.187 <=9.2.214) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)
uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...
Software-Security-Learning
It is an offensive tool for binary analysis. The repository Software-Security-Learning contains a collection of resources for learning software security, including tools and tutorials for binary analysis. The tools listed include Pharos, Angr, Vuzzer, PEDA, and pwntools, which are used for static...
Zeratool
This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF (Capture The Flag) problems. It uses the angr concolic analysis engine to analyze binaries and identify vulnerabilities, and then weaponizes these vulnerabilities for remote code execution through pwntools. The...
angr (>=8.18.10.5 <=9.2.214), angr-management (>=9.0.4378 <=9.2.214) +30 more potentially affected by unknown CVE via pyvex (>=8.18.10.25 <=9.2.99)
pyvex PYPI version =8.18.10.25, =8.18.10.5, =9.0.4378, =1.0.0rc2, =1.0.7, =1.0.4, =9.0.4378, =9.0.5610, =1.0.0, =0.2.0, =0.0.1, =9.0.4378, =1.0.3, =0.0.1, =0.1.0, =1.0.1 and more Source cves: unknown CVE Source advisory: OSV:OSV-2025-500...
Data Flows in You: Benchmarking and Improving Static Data-Flow Analysis on Binary Executables
Data-flow analysis is a critical component of security research. Theoretically, accurate data-flow analysis in binary executables is an undecidable problem, due to complexities of binary code. Practically, many binary analysis engines offer some data-flow analysis capability, but we lack...
androidemu (>=0.0.3 <=0.0.4), angr (>=9.2.26 <=9.2.143) +77 more potentially affected by unknown CVE via unicorn (>=2.0.1 <=2.1.2)
unicorn PYPI version =2.0.1, =0.0.3, =9.2.26, =9.2.26, =1.0.7, =0.8.0, =0.0.1, =0.1.3, =1.5.2, =0.0.8, =2.5.0, =2.5.1.5 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-UNICORN-9634283...
Fuzzable - Framework For Automating Fuzzable Target Discovery With Static Analysis
Framework for Automating Fuzzable Target Discovery with Static Analysis. Introduction Vulnerability researchers conducting security assessments on software will often harness the capabilities of coverage-guided fuzzing through powerful tools like AFL++ and libFuzzer. This is important as it...
angr (>=9.0.4446 <=9.2.25), angr-management (>=9.0.4446 <=9.2.25) +13 more potentially affected by CVE-2021-44078 via unicorn (>=1.0.2 <=1.0.3)
unicorn PYPI version =1.0.2, =9.0.4446, =9.0.4446, =9.0.4446, =0.4.0, =4.1.1, =1.2.1, =0.0.3, =1.1.0, =1.4.4, =0.0.0, =0.1.0 Source cves: CVE-2021-44078 Source advisory: OSV:PYSEC-2021-868...
Zeratool
This is an offensive tool for CTF (Capture The Flag) problems. It is designed to automatically generate exploits and remotely capture flags for exploitable CTF problems. The tool, called Zeratool, uses the angr binary analysis framework to concolically analyze binaries by hooking printf and looking...
Software-Security-Learning
It is an offensive tool for binary exploitation. The primary CVE ID is not explicitly mentioned, but the repository contains information on various software security topics, including binary exploitation. The target product/service or framework is not specified, but the repository includes tools...
Zeratool
This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF (Capture The Flag) problems. It uses the angr concolic analysis framework to analyze binaries and identify vulnerabilities. The tool can generate exploits for buffer overflow and format string vulnerabilities, an...
autoPwn - Automate Repetitive Tasks For Fuzzing
Warning: Completely re-writing this right now. Focus will be on interactive Linux apps that only take input from stdin for starters. Attempting to use Shellphish's Driller and Fuzzer functionality. autoPwn in its current state will do this in limited form. Simply run autoPwn ./binary then select...
BootStomp - A Bootloader Vulnerability Finder
BootStomp is a boot-loader bug finder. It looks for two different classes of bugs: memory corruption and state storage vulnerabilities. For more info please refer to the BootStomp paper at https://seclab.cs.ucsb.edu/academic/publishing/bootstomp-security-bootloaders-mobile-devices-2017 To run...
angr: Python-based binary analysis framework - vulnerability warning - the black bar safety net
Foreword: Let's look at what problems this integrated binary analysis framework can solve in CTFs; its git repository lists solutions to CTF challenges. Among them, HackCon 2016 - angry-reverser takes 31 min, SecurityFest 2016 – it takes 20s, Defcamp CTF Qualification...