Big5-sec / pcode2codeLinks
a vba pcode decompiler based on pcodedmp
☆109Updated 3 years ago
Alternatives and similar repositories for pcode2code
Users that are interested in pcode2code are comparing it to the libraries listed below
Sorting:
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆120Updated 6 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆184Updated 4 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- A VBA p-code disassembler☆476Updated 4 years ago
- Generating YARA rules based on binary code☆215Updated 3 years ago
- ☆71Updated last year
- Transfer EIP control to shellcode during malware analysis investigation☆77Updated 10 years ago
- An IDA Pro extension for easier (malware) reverse engineering☆115Updated 3 years ago
- Official VirusTotal plugin for IDA Pro☆158Updated this week
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆85Updated 3 years ago
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆254Updated 2 years ago
- Windows Crypto API compatible decryption/encryption for python☆48Updated 2 years ago
- FLARE Kernel Shellcode Loader☆179Updated 6 years ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆162Updated 8 months ago
- IDA python plugin to scan binary with Yara rules☆177Updated last year
- Robust Automated Malware Unpacker☆85Updated 2 years ago
- Tools for instrumenting Windows Defender's mpengine.dll☆303Updated 6 years ago
- Windows API tracer for malware (oldname: unitracer)☆119Updated 7 years ago
- ☆106Updated 6 years ago
- API Logger for Windows Executables☆78Updated 4 years ago
- Set of antianalysis techniques found in malware☆131Updated 2 years ago
- Capa analysis importer for Ghidra.☆62Updated 4 years ago
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆67Updated 4 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆139Updated 2 years ago
- analysis of visual basic code☆44Updated 7 years ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆166Updated 3 weeks ago
- Windows Shortcut file (LNK) parser☆136Updated 2 years ago
- Automatically generate AV byte signatures from sets of similar binaries.☆279Updated 8 months ago
- Driver Initial Reconnaissance Tool☆123Updated 5 years ago