AndreaNaspi / WhiteRabbitTrackerLinks
WhiteRabbitTracker: Analyzing malware evasions with information flow tracking
☆17Updated 3 years ago
Alternatives and similar repositories for WhiteRabbitTracker
Users that are interested in WhiteRabbitTracker are comparing it to the libraries listed below
Sorting:
- Forecasting Malware Capabilities From Cyber Attack Memory Images☆32Updated 2 years ago
- automated-arancino is a lightweight analysis framework to automate malware experiments.☆15Updated 8 years ago
- Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.☆72Updated 3 years ago
- Effects of packers on machine-learning-based malware classifiers that use only static analysis☆86Updated last year
- Research tool able to detect and mitigate evasion techniques used by malware in-the-wild☆11Updated 2 years ago
- Port of the binary diffing library, diaphora, for radare2 and mariadb☆51Updated last year
- A framework for static analysis of ROP exploits and programs☆40Updated 6 years ago
- Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Secu…☆23Updated 5 years ago
- SAFE embeddings to match functions in yara☆100Updated 5 years ago
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆24Updated 3 years ago
- Robust Automated Malware Unpacker☆84Updated 2 years ago
- Collection of DBI evasion techniques☆14Updated 3 years ago
- ☆59Updated 4 years ago
- SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create repr…☆115Updated 3 months ago
- A collection of well labeled ELF binaries compiled from benign and malicious code in various ways. Great for exploring similarity in exec…☆95Updated last year
- PMP: Cost-Effective Forced Execution with Probabilistic Memory Pre-Planning☆10Updated 4 years ago
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆93Updated 2 weeks ago
- Cross-Architecture Function Similarity Search Model - https://arxiv.org/abs/2310.03605☆14Updated last year
- Automated Yara Rule generation using Biclustering☆67Updated 4 years ago
- Gadget displacement on top of IPR (In-Place Randomization) against Code Reuse Attack☆26Updated 9 years ago
- ☆24Updated 2 years ago
- Assembled Labeled Library for Static Analysis Research - Debian packages built for 6 architectures, storing compiler artifacts, binaries…☆28Updated 4 years ago
- The Tangled Genealogy of IoT Malware☆12Updated 4 years ago
- Code and artifacts of the "Dissecting American Fuzzy Lop - A FuzzBench Evaluation" paper☆13Updated 2 years ago
- VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.☆56Updated 5 years ago
- suite of binaries used to test function identification☆29Updated 7 years ago
- PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components☆68Updated 3 years ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆125Updated 3 years ago
- TaintInduce is a project which aims to automate the creation of taint propagation rules for unknown instruction sets.☆59Updated 4 years ago
- Build your emulation environment as needed☆67Updated 4 years ago