About

Atomdrift is a suite of open-source tools for decomposing software into its atomic components. By breaking binaries and source code into structural primitives, we identify the unique molecules that threaten the software supply chain.

All code is developed in the open on Codeberg and released under the Apache 2.0 license. Reproducible security tooling must be free software.

News

  • 2026-03-18 stng 1.1.1 released — XOR deobfuscation improvements and faster UTF-16 string detection.
  • 2026-03-10 Atomdrift Lab is now open — Free public malware analysis sandbox for researchers and defenders.
  • 2026-02-14 litmus enters beta — ML-powered malware classification, now ready for wider testing.
  • 2026-01-15 Hello world — The Atomdrift Project is live.


Projects

  • cleave (stable)
    Deep static analysis engine. AST-aware decomposition of binaries and source code across 20+ languages, with automated reverse engineering via Radare2 and YARA-X signature matching.
  • stng (stable)
    Advanced string extraction for binary analysis. Isolates encoded strings, decodes XOR obfuscation, and classifies IOCs with language-aware extraction for Go and Rust binaries.
  • litmus (beta)
    ML-powered malware classifier. Trains custom XGBoost models on cleave output to assess threats tailored to your environment. Supports package diff for supply chain attack detection.
  • atomdrift (planned)
    Molecular drift detection. Tracks how code atoms shift across versions and dependencies.