cwe_checker is a static analysis tool designed to detect common vulnerability patterns in ELF binaries across multiple CPU architectures. The tool identifies bug classes formally categorized as Common Weakness Enumerations (CWEs), including null pointer dereferences and buffer overflows. The tool leverages Ghidra for binary disassembly, converting executables into a common intermediate representation for analysis. This approach enables cross-architecture support for x86, ARM, MIPS, and PPC binaries, making it particularly useful for firmware security analysis. cwe_checker implements various analysis techniques ranging from simple heuristics to abstract interpretation-based data-flow analysis. The tool features a plugin-based architecture that allows for extensibility and customization of analysis rules and APIs. Key capabilities include: - Static analysis of ELF binaries without requiring source code - Multi-architecture support through Ghidra integration - Detection of memory safety vulnerabilities and common programming errors - Configurable analysis parameters and rule sets - Integration with Ghidra for annotated result visualization - Docker-based deployment for simplified setup The tool outputs analysis results that can be viewed within Ghidra's interface, providing analysts with annotated views of potentially vulnerable code paths. This integration helps security researchers and developers identify and prioritize security issues in compiled binaries.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
Grafeas is an API specification for managing and auditing metadata about software resources across the software supply chain.
RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
A brute-force protection middleware for express routes that rate-limits incoming requests.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.