Big5-sec / pcode2code

Related projects: ⓘ

• bontchev / pcodedmp
  A VBA p-code disassembler
  ☆450Updated 3 years ago
• kirk-sayre-work / VBASeismograph
  A tool for detecting VBA stomping.
  ☆95Updated 2 years ago
• jthuraisamy / ioctlpus
  ☆107Updated 4 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆92Updated 2 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆57Updated 3 years ago
• mandiant / dncil
  The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
  ☆133Updated this week
• crappycrypto / wincrypto
  Windows Crypto API compatible decryption/encryption for python
  ☆47Updated last year
• pan-unit42 / dotnetfile
  ☆97Updated 10 months ago
• hexfati / SharpDllLoader
  A simple C# executable that invokes an arbitrary method of an arbitrary C# DLL
  ☆127Updated 5 months ago
• Cyb3rWard0g / WinRpcFunctions
  ☆68Updated 2 years ago
• fboldewin / COM-Code-Helper
  Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
  ☆177Updated 3 years ago
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆176Updated 5 years ago
• KasperskyLab / VBscriptInternals
  Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis
  ☆83Updated 2 years ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆73Updated 9 years ago
• VirusTotal / vt-ida-plugin
  Official VirusTotal plugin for IDA Pro
  ☆154Updated 8 months ago
• nmantani / FileInsight-plugins
  FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis
  ☆155Updated last month
• danielplohmann / idascope
  An IDA Pro extension for easier (malware) reverse engineering
  ☆109Updated 2 years ago
• fkie-cad / RoAMer
  Robust Automated Malware Unpacker
  ☆84Updated last year
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆117Updated 4 years ago
• OALabs / PyIATRebuild
  Automatically rebuild Import Address Table for dumped PE file. With python bindings!
  ☆115Updated 5 years ago
• OmerYa / Named-Pipe-Sniffer
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Updated 7 years ago
• williballenthin / python-vb
  analysis of visual basic code
  ☆39Updated 6 years ago
• jthuraisamy / DIRT
  Driver Initial Reconnaissance Tool
  ☆119Updated 4 years ago
• tyranid / WindowsRpcClients
  This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…
  ☆269Updated 4 years ago
• nazywam / AutoIt-Ripper
  Extract AutoIt scripts embedded in PE binaries
  ☆160Updated 2 months ago
• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• poona / APIMiner
  API Logger for Windows Executables
  ☆77Updated 3 years ago
• endgameinc / ClrGuard
  ☆213Updated 6 years ago
• malwarefrank / dnfile
  Parse .NET executable files.
  ☆72Updated 5 months ago
• idan1288 / ProcessHollowing32-64
  Process Hollowing for 32 bit and 64 bit
  ☆78Updated 6 years ago