This tool's is now Under Development. DONT USE THIS (I MEAN YOUR AT YOUR OWN RISK:-)
Tool Name: mamhack
mamhack is a powerful and flexible dynamic vulnerability analysis tool designed to help security professionals and developers identify and mitigate security issues in C and C++ source code. With a focus on accuracy and usability, our tool provides a comprehensive set of features to enhance your code security analysis process.
Key Features:
-
Dynamic Analysis: Utilize dynamic analysis techniques, including symbolic execution and taint analysis, to uncover potential vulnerabilities within your codebase.
-
Sanitization Support: Easily enable sanitizers like AddressSanitizer (ASan), Undefined Behavior Sanitizer (UBSan), and MemorySanitizer (MSan) during compilation for enhanced vulnerability detection.
-
Precise Parsing: Our tool employs advanced parsing libraries to accurately extract information from C/C++ source code, including function calls, variable declarations, control flow structures, and memory operations.
-
Vulnerability Detection: Detect a wide range of vulnerabilities, such as buffer overflows, format string vulnerabilities, integer overflows, use-after-free, null pointer dereferences, and more, with customizable detection algorithms.
-
Detailed Reports: Generate detailed vulnerability reports that include information about the vulnerable code, affected variables, potential exploit scenarios, and recommended mitigation strategies.
-
User-Friendly: mamhack is designed with user-friendliness in mind, offering clear instructions, usage examples, and comprehensive documentation to assist both security experts and developers.
-
Community-Driven: Join a vibrant community of security researchers and developers to collaborate, share knowledge, and contribute to the tool's ongoing improvement.
-
Continuous Updates: Stay ahead of emerging threats with regular updates, security patches, and new detection techniques to keep your codebase secure.
Whether you're a security professional auditing code for vulnerabilities or a developer looking to enhance your code's security posture, mamhack is your go-to solution for dynamic vulnerability analysis in C/C++.
Getting Started:
# Run with all features
python main.py /path/to/source --sanitizer asan --output-format html -v
# Run with verification only (skip symbolic/taint)
python main.py /path/to/source --skip-symbolic --skip-taint
# JSON output for automation
python main.py /path/to/source --output-format json
# Change output directory
python main.py /path/to/source --report-dir ./my_reports
# Adjust runtime execution
python main.py /path/to/source --max-runs 100 --run-timeout 10To begin using mamhack, follow our Installation Guide and consult the Documentation for detailed usage instructions.
Contributing:
We welcome contributions from the community. Whether it's bug fixes, new features, or improvements to existing ones, your contributions help make mamhack even more valuable. Check out our Comming soon(link_to_contributing_guidelines) to get started.
Stay Connected:
Join our community on Discord to stay updated, ask questions, and engage with fellow users.
License:
mamhack is released under the AFL‑3.0 License. See the LICENSE file for details.