Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+444.52%)
Malware Research: Code written as part of our various malware investigations
Stars: ✭ 281 (+92.47%)
Medusa: Binary instrumentation framework based on FRIDA
Stars: ✭ 258 (+76.71%)
Macbook: Companion source code for the book "macOS Software Security and Reverse Engineering Analysis"
Stars: ✭ 302 (+106.85%)
Pwndbg: Exploit Development and Reverse Engineering with GDB Made Easy
Stars: ✭ 4,178 (+2761.64%)
Cmulator: Cmulator is (x86 - x64) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries. Based on Unicorn & Zydis Engine & javascript
Stars: ✭ 197 (+34.93%)
Simpleator: Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
Stars: ✭ 260 (+78.08%)
Idenlib: idenLib - Library Function Identification [This project is not maintained anymore]
Stars: ✭ 322 (+120.55%)
Gef: GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢
Stars: ✭ 4,197 (+2774.66%)
Replica: Ghidra Analysis Enhancer 🐉
Stars: ✭ 194 (+32.88%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+123.97%)
Wdbgark: WinDBG Anti-RootKit Extension
Stars: ✭ 450 (+208.22%)
Linux.mirai: Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
Stars: ✭ 466 (+219.18%)
malware-persistence: Collection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (-25.34%)
bluepill: BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
Stars: ✭ 94 (-35.62%)
Karton: Distributed malware processing framework based on Python, Redis and MinIO.
Stars: ✭ 134 (-8.22%)
Anti-Debugging: A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 297 (+103.42%)
Fileintel: A modular Python application to pull intelligence about malicious files
Stars: ✭ 97 (-33.56%)
Malware Samples: A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
Stars: ✭ 565 (+286.99%)
Stringsifter: A machine learning tool that ranks strings based on their relevance for malware analysis.
Stars: ✭ 469 (+221.23%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+238.36%)
Capa: The FLARE team's open-source tool to identify capabilities in executable files.
Stars: ✭ 1,981 (+1256.85%)
csbd: The repository contains the Python implementation of the Android Malware Detection paper: "Empirical assessment of machine learning-based malware detectors for Android: Measuring the Gap between In-the-Lab and In-the-Wild Validation Scenarios"
Stars: ✭ 20 (-86.3%)
fame modules: Community modules for FAME
Stars: ✭ 55 (-62.33%)
pyc2bytecode: A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled Python bytecode (.pyc) files across all Python versions (including Python 3.10.*)
Stars: ✭ 70 (-52.05%)
Flirtdb: A community driven collection of IDA FLIRT signature files
Stars: ✭ 809 (+454.11%)
Malboxes: Builds malware analysis Windows VMs so that you don't have to.
Stars: ✭ 900 (+516.44%)
Virustotal Tools: Submits multiple domains to VirusTotal API
Stars: ✭ 29 (-80.14%)
Malware Jail: Sandbox for semi-automatic JavaScript malware analysis, deobfuscation and payload extraction. Written for Node.js
Stars: ✭ 349 (+139.04%)
Winappdbg: WinAppDbg Debugger
Stars: ✭ 338 (+131.51%)
Analyst Casefile: Maltego CaseFile entities for information security investigations, malware analysis and incident response
Stars: ✭ 41 (-71.92%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-68.49%)
Fcl: FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Stars: ✭ 409 (+180.14%)
Owasp Seraphimdroid: OWASP Seraphimdroid is an open source project with the aim of creating, as a community, an open platform for education and protection of Android users against privacy and security threats.
Stars: ✭ 62 (-57.53%)
Malwaresourcecode: Collection of malware source code for a variety of platforms in an array of different programming languages.
Stars: ✭ 8,666 (+5835.62%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signatures, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-84.25%)
Makin: makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
Stars: ✭ 645 (+341.78%)
Matire: Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
Stars: ✭ 55 (-62.33%)
Lw Yara: Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (-46.58%)
Malice: VirusTotal Wanna Be - Now with 100% more Hipster
Stars: ✭ 1,253 (+758.22%)
Re sysdiag: Reverse engineering the Huorong security software driver (sysdiag)
Stars: ✭ 111 (-23.97%)
Elf Strings: elf-strings will programmatically read an ELF binary's string sections within a given binary. This is meant to be much like the strings UNIX utility; however, it is purpose-built for ELF binaries.
Stars: ✭ 127 (-13.01%)
Stingray: IDAPython plugin for finding function strings recursively
Stars: ✭ 110 (-24.66%)
React Cursor Position: A React component that decorates its children with mouse and touch coordinates relative to itself.
Stars: ✭ 136 (-6.85%)
Alive reversing: Re-implementation of Abe's Exoddus and Abe's Oddysee
Stars: ✭ 127 (-13.01%)
Keystone: Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings
Stars: ✭ 1,654 (+1032.88%)
Pe Sieve: Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Stars: ✭ 1,783 (+1121.23%)
Pelock Software Protection And Licensing Sdk: Software copy protection against cracking & reverse engineering with anti-cracking & anti-debugging techniques. Software license key system with time trial options.
Stars: ✭ 109 (-25.34%)
Jarvis: "Just Another ReVersIng Suite" or whatever other bullshit you can think of
Stars: ✭ 137 (-6.16%)
Amie: A Minimalist Instruction Extender for the ARM architecture and IDA Pro
Stars: ✭ 136 (-6.85%)