AndreaNaspi / WhiteRabbitTracker
WhiteRabbitTracker: Analyzing malware evasions with information flow tracking
☆16Updated 3 years ago
Related projects: ⓘ
- automated-arancino is a lightweight analysis framework to automate malware experiments.☆15Updated 7 years ago
- Forecasting Malware Capabilities From Cyber Attack Memory Images☆30Updated last year
- Research tool able to detect and mitigate evasion techniques used by malware in-the-wild☆11Updated last year
- Code for my blog post on using S2E for malware analysis☆24Updated 5 years ago
- Gadget displacement on top of IPR (In-Place Randomization) against Code Reuse Attack☆25Updated 8 years ago
- Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.☆70Updated 2 years ago
- SAFE embeddings to match functions in yara☆99Updated 4 years ago
- Effects of packers on machine-learning-based malware classifiers that use only static analysis☆82Updated 3 months ago
- The Tangled Genealogy of IoT Malware☆10Updated 3 years ago
- A framework for static analysis of ROP exploits and programs☆40Updated 5 years ago
- Automated Yara Rule generation using Biclustering☆58Updated 3 years ago
- Robust Automated Malware Unpacker☆84Updated last year
- PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components☆67Updated 3 years ago
- Port of the binary diffing library, diaphora, for radare2 and mariadb☆46Updated last year
- [SmartCom2017] An Effective Malware Detection based on Behaviour and Data Feature☆19Updated 6 years ago
- Cross-Architecture Function Similarity Search Model - https://arxiv.org/abs/2310.03605☆11Updated 11 months ago
- This repository contains dynamic and static tools for IoT malware analysis☆19Updated 2 years ago
- ☆57Updated 3 years ago
- suite of binaries used to test function identification☆28Updated 6 years ago
- Corana is a Dynamic Symbolic Execution Engine for ARM Cortex-M aiming to incrementally reconstruct the precise Control Flow Graph (CFG) o…☆24Updated 6 months ago
- Headless Scripts for Ghidra's Headless Analyzer written in Python☆28Updated 4 years ago
- IDA Pro resources, scripts, and configurations☆110Updated 5 months ago
- The prototype system of paper Similarity Metric Method for Binary Basic Blocks of Cross-Instruction Set Architecture.☆27Updated last year
- Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Secu…☆21Updated 4 years ago
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆23Updated 2 years ago
- winAFL patch to enable network-based apps fuzzing☆37Updated 6 years ago
- FuzzSplore: Visualizing Feedback-Driven Fuzzing Techniques☆35Updated 3 years ago
- VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.☆54Updated 4 years ago
- ☆43Updated 7 years ago
- A collection of well labeled ELF binaries compiled from benign and malicious code in various ways. Great for exploring similarity in exec…☆81Updated 5 months ago