Lief: Authors
Stars: ✭ 2,730 (+847.92%)
xray: Hexrays decompiler plugin that colorizes and filters the decompiler's output based on regular expressions
Stars: ✭ 97 (-66.32%)
HatVenom: HatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.
Stars: ✭ 84 (-70.83%)
assemblyline client: Python client for Assemblyline 3 and 4
Stars: ✭ 19 (-93.4%)
rair-core: RAIR: RAdare In Rust
Stars: ✭ 63 (-78.12%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-95.49%)
vminspect: Tools for inspecting disk images
Stars: ✭ 25 (-91.32%)
malice-av: Malice AntiVirus Plugins
Stars: ✭ 98 (-65.97%)
Anti-Debugging: A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 297 (+3.13%)
decrypticon: Java-layer Android Malware Simplifier
Stars: ✭ 17 (-94.1%)
maz: Malware Analysis Zoo
Stars: ✭ 25 (-91.32%)
malwinx: Just a normal flask web app to understand win32api with code snippets and references.
Stars: ✭ 76 (-73.61%)
MalwareDatabase: Malware samples for analysis, researchers, anti-virus and system protection testing. (1300+ malware samples!)
Stars: ✭ 21 (-92.71%)
malhunt: Hunt malware with Volatility
Stars: ✭ 30 (-89.58%)
pyc2bytecode: A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled Python byte-code (.pyc) files across all Python versions (including Python 3.10.*)
Stars: ✭ 70 (-75.69%)
malware-writeups: Personal research and publication on malware families
Stars: ✭ 104 (-63.89%)
Malware Research: Code written as part of our various malware investigations
Stars: ✭ 281 (-2.43%)
pelauncher: Portable Executable launcher for Windows NT bypassing loader
Stars: ✭ 49 (-82.99%)
corana: Corana is a Dynamic Symbolic Execution Engine for ARM Cortex-M aiming to incrementally reconstruct the precise Control Flow Graph (CFG) of IoT malware under the presence of obfuscation techniques, e.g., indirect jumps and opaque predicates
Stars: ✭ 19 (-93.4%)
Practical Malware Analysis: Materials for a course based on the Practical Malware Analysis text by Andrew Honig and Michael Sikorski
Stars: ✭ 16 (-94.44%)
flare-emu: No description or website provided.
Stars: ✭ 561 (+94.79%)
HomebrewOverlay: Browser extension adware (showHomebrewOverlayOuter)
Stars: ✭ 52 (-81.94%)
mobileAudit: Django application that performs SAST and Malware Analysis for Android APKs
Stars: ✭ 140 (-51.39%)
jitm: JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.
Stars: ✭ 27 (-90.62%)
bazaar: Android security & privacy analysis for the masses
Stars: ✭ 191 (-33.68%)
Pepper: PE (x86) and PE+ (x64) files viewer, based on libpe.
Stars: ✭ 65 (-77.43%)
mem64: Run Any Native PE file as a memory ONLY Payload, most likely as a shellcode using hta attack vector which interacts with Powershell.
Stars: ✭ 26 (-90.97%)
pe-loader: A Windows PE format file loader
Stars: ✭ 81 (-71.87%)
Drltrace: Drltrace is a library calls tracer for Windows and Linux applications.
Stars: ✭ 282 (-2.08%)
pftriage: Python tool and library to help analyze files during malware triage and analysis.
Stars: ✭ 77 (-73.26%)
MalwareHashDB: Malware hashes for open source projects.
Stars: ✭ 31 (-89.24%)
rtfraptor: Extract OLEv1 objects from RTF files by instrumenting Word
Stars: ✭ 50 (-82.64%)
maldetect: Debian packaging of Linux Malware Detect (https://github.com/rfxn/linux-malware-detect)
Stars: ✭ 48 (-83.33%)
stringsifter: A machine learning tool that ranks strings based on their relevance for malware analysis.
Stars: ✭ 567 (+96.88%)
speakeasy: Windows kernel and user mode emulation.
Stars: ✭ 1,017 (+253.13%)
rtfsig: A tool to help malware analysts signature unique parts of RTF documents
Stars: ✭ 28 (-90.28%)
REW-sploit: Emulate and Dissect MSF and *other* attacks
Stars: ✭ 115 (-60.07%)
MalScan: A Simple PE File Heuristics Scanner
Stars: ✭ 41 (-85.76%)
python-icap-yara: An ICAP Server with yara scanner for URL and content.
Stars: ✭ 50 (-82.64%)
yara: Malice Yara Plugin
Stars: ✭ 27 (-90.62%)
Simpleator: Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
Stars: ✭ 260 (-9.72%)
UnAutoIt: The Cross Platform AutoIt Extractor
Stars: ✭ 90 (-68.75%)
binlex: A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (+5.21%)
static file analysis: Analysis of file (doc, pdf, exe, ...) in deep (embedded file(s)) with clamscan and yara rules
Stars: ✭ 34 (-88.19%)
calamity: A script to assist in processing forensic RAM captures for malware triage
Stars: ✭ 24 (-91.67%)
Medusa: Binary instrumentation framework based on FRIDA
Stars: ✭ 258 (-10.42%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (-1.04%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+13.54%)