Sys
A static and symbolic analysis tool for finding memory safety bugs in browser code and other software.
What is Sys?
Sys is a static and symbolic analysis tool designed to find memory safety bugs in complex software, with a particular focus on browser code. It combines static analysis with symbolic execution to detect subtle vulnerabilities, such as uninitialized memory access or buffer overflows, that might be missed by other methods. The tool operates directly on LLVM intermediate representation, enabling analysis of optimized production builds.
Security researchers and software engineers working on memory safety, particularly those analyzing or developing complex, performance-critical systems like web browsers or similar large-scale C/C++ codebases. It is also suitable for developers needing to audit production-quality code for subtle security vulnerabilities.
Developers choose Sys for its ability to find 'good bugs in good code'—subtle, security-critical vulnerabilities in well-written, production-quality software where traditional testing might not be sufficient. Its integration of static and symbolic analysis, combined with support for multiple optimization levels, allows it to detect issues that other tools may overlook.
Overview
Sys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code
Use Cases
Best For
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
