Big5-sec / pcode2code

Related projects ⓘ

Alternatives and complementary repositories for pcode2code

• bontchev / pcodedmp
  A VBA p-code disassembler
  ☆458Updated 3 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆92Updated 2 years ago
• jthuraisamy / ioctlpus
  ☆107Updated 4 years ago
• kirk-sayre-work / VBASeismograph
  A tool for detecting VBA stomping.
  ☆96Updated 2 years ago
• pan-unit42 / dotnetfile
  ☆100Updated last year
• enkomio / RunDotNetDll
  A simple utility to list all methods of a given .NET Assembly and to invoke them
  ☆71Updated 3 years ago
• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆176Updated 5 years ago
• jthuraisamy / DIRT
  Driver Initial Reconnaissance Tool
  ☆120Updated 4 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆62Updated 3 years ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆73Updated 10 years ago
• OALabs / findyara-ida
  IDA python plugin to scan binary with Yara rules
  ☆171Updated 9 months ago
• hexfati / SharpDllLoader
  A simple C# executable that invokes an arbitrary method of an arbitrary C# DLL
  ☆129Updated 8 months ago
• poona / APIMiner
  API Logger for Windows Executables
  ☆77Updated 4 years ago
• fkie-cad / RoAMer
  Robust Automated Malware Unpacker
  ☆84Updated last year
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆129Updated last year
• VirusTotal / vt-ida-plugin
  Official VirusTotal plugin for IDA Pro
  ☆155Updated 10 months ago
• danielplohmann / apiscout
  This project aims at simplifying Windows API import recovery on arbitrary memory dumps
  ☆241Updated last year
• reb311ion / CapaExplorer
  Capa analysis importer for Ghidra.
  ☆61Updated 3 years ago
• 0ver-fl0w / ISFB_Tools
  List of tools to assist in analyzing samples of ISFB/Gozi/Ursnif
  ☆15Updated 5 years ago
• KasperskyLab / VBscriptInternals
  Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis
  ☆83Updated 2 years ago
• Fare9 / Windows-Internals
  My repository to upload drivers from different books and all the information related to windows internals.
  ☆154Updated 5 years ago
• hfiref0x / WDExtract
  Extract Windows Defender database from vdm files and unpack it
  ☆425Updated 4 years ago
• therealdreg / DbgChild
  Debug Child Process Tool (auto attach)
  ☆272Updated last year
• williballenthin / python-sdb
  Pure Python parser for Application Compatibility Shim Databases (.sdb files)
  ☆106Updated 3 years ago
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆117Updated 4 years ago
• fboldewin / COM-Code-Helper
  Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
  ☆178Updated 4 years ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆204Updated 3 years ago