atomdrift Open-source malware detection for the modern software supply chain
Codeberg Lab
Home Projects News

About

We built Atomdrift because excellent malware detection belongs to everyone, especially the open-source community. Everything is Apache 2.0 licensed, because If you can't see behind the curtains, it's not security - it's theater.

News

  • 2026-03-26 Atomdrift is here! Introducing open-source malware detection for the modern software supply chain.

All news →

Projects

  • litmus stable
    ML-powered malware classifier for supply-chain security. Uses cleave static analysis to extract capabilities, then classifies threat level.
  • cleave stable
    AST-aware software decomposition engine for supply-chain security. Detects capabilities and behaviors across 20+ languages and six binary formats in a single pass.
  • stng stable
    Modern string extraction for binary analysis — all of the good stuff, none of the garbage. Useful for initial triage, C2 enumeration, credential extraction, and signature development.
  • xgboost-native stable
    Pure Rust XGBoost inference with exact TreeSHAP. No ONNX, no C++ runtime — runs anywhere Rust does.
  • c.diff DESIGN PHASE
    Context-driven molecular drift detection. Tracks how code atoms shift across versions and dependencies.
⚛ Atomdrift Lab

Submit files for free malware analysis. Open to researchers, defenders, and the curious.

Open the Lab →

Get the Code

Project Info

License
Apache 2.0
Languages
Rust, Go
© 2026 The Atomdrift Project