About

We started Atomdrift because the existing tools in this space suck — they're proprietary, abandoned, or drown you in false positives. Our pipeline covers string extraction through ML classification, tuned for low false-positive rates, and we're building toward a broader vision of supply-chain-specific detection. Everything is Apache-2.0.

News

  • 2026-01-15: Atomdrift is here. Open-source malware detection for the software supply chain.

Projects

  • cleave stable
    AST-aware software decomposition engine for supply-chain security. Detects capabilities and behaviors across 20+ languages and six binary formats in a single pass.
  • stng stable
    Modern string extraction for binary analysis — all of the good stuff, none of the garbage. Useful for triage, C2 enumeration, credential extraction, and YARA signature development.
  • litmus beta
    ML-powered malware classifier for supply-chain security. Uses cleave static analysis to extract capabilities, then classifies threat level.
  • xgboost-native stable
    Pure Rust XGBoost inference with exact TreeSHAP. No ONNX, no C++ runtime — runs anywhere Rust does.
  • atomdrift planned
    Molecular drift detection. Tracks how code atoms shift across versions and dependencies.