Software Engineering Institute

SEI researchers often produce software whose utility extends beyond its original scope and application. The SEI frequently offers these tools to the community and has made 124 repositories freely available through its GitHub site.

Popular and Recently Released Open Source Repositories

• The CERT Kaiju static binary analysis framework is an extension to the National Security Agency’s Ghidra reverse engineering platform. Kaiju implements many features found in the Pharos framework, which facilitates the automated analysis of binary programs and detection of operating system paradigms. Kaiju implements Pharos’s object oriented analysis, function hashing, and malware analysis tools; provides additional tools to perform binary path analysis; and includes several integrated utilities and services to support reverse engineering tasks in Ghidra.


• GHOSTS simulates what anyone might do at a computer: create documents, browse websites, and download files. While GHOSTS was originally designed for cyber training and exercises, it is now also used for many other scenarios in which realistic activity on a computer is needed.


• The Source Code Analysis Laboratory (SCALe) helps source code analysts audit source code for security flaws and enables them to combine results from multiple tools into one interface.


• The TEC Machine Learning (ML) Mismatch Detection Tool helps developers of ML-enabled software capture key information about ML system elements from stakeholders in a set of descriptors, compares information in these descriptors, and flags any mismatches or missing information to help resolve problematic differences early in development.


• The Juneberry platform facilitates ML experimentation by helping users train and compare ML models that may have different architectures, data sets, and/or hyperparameters. By automating training and evaluation, Juneberry can improve robustness and security, qualities foundational to artificial intelligence engineering.

Beyond Open Source: SEI Installable Software Packages

The SEI also makes useful installable software packages freely available to the community. These packages include the System for Internet-Level Knowledge (SiLK), a collection of traffic analysis tools for large network analysis, and the Linux Incident Response and Forensics Tools Repository (LIFTeR).

To learn more about the SEI’s open source repositories and installable software packages, visit https://insights.sei.cmu.edu/software-tools/.