- FixMorph: Automated repair of Linux code, ISSTA 2021 (Best Artifact award)
- CPR: Concolic Program Repair tool, PLDI 2021 (released April 2021)
- Angelix: Semantic Program Repair, ICSE 2016 (released February 2016)
- SemFix: First semantic program repair tool, ICSE 2013
- VulnLoc: Vulnerability Localization in program binaries using fuzz testing, AsiaCCS 2021
- AFLNet: A greybox fuzzer for network protocols, ICST 2020 (released 2020)
- AFLSmart: Input-structure aware greybox fuzzing, TSE 2019 (released 2019)
- AFLGo: A directed Greybox Fuzz testing tool built on AFL, CCS 2017 (released September 2017)
- AFLFast: An improved Greybox Fuzz testing tool built on AFL, CCS 2016 , TSE 2019 (released August 2016)
- Developer Patches for Smart Contracts
- TimeMachine: Android app fuzz testing tool. Avoids
generating long event sequences by saving states.
- KLEESpectre: A checker for Spectre vulnerabilities in
programs using symbolic execution - Released 2019.
- oo7: A checker for Spectre vulnerabilities in
programs using taint analysis - Released 2019.
- CoreBench: A set of benchmarks containing realistic regression errors, as opposed to seeded errors, ISSTA 2014
- Chronos for multi-cores: the first execution time analysis tool for multi-core platforms.
- Chronos: Worst-case Execution Time (WCET) Analysis for C programs with users in around 110 organizations (universities & companies); used in under-graduate teaching in universities outside NUS, and successful participant in first WCET Tool Challenge in 2006.
- Memory Model Sensitive Assertion Checker for C# Programs