ElvisBlue / emotet-deobfuscator

Related projects: ⓘ

• michaeljgoodman / Dumpulator-IDA
  Currently proof-of-concept
  ☆16Updated 2 years ago
• sterrasec / genpatch
  genpatch is IDA plugin that generates a python script for patching binary
  ☆30Updated 8 months ago
• gkucherin / de4dot
  .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).
  ☆29Updated 2 years ago
• govcert-ch / ConfuserEx_IDAPython
  IDA Python deobfuscation script for ConfuserEx binaries
  ☆34Updated 2 years ago
• JLeow00 / malwarebytes-crackme-3
  Writeup and scripts for the 2021 malwarebytes crackme
  ☆10Updated 2 years ago
• MahmoudZohdy / Anti-Analysis-DebuggerInjection
  Anti-Analysis technique, trick the debugger by Hiding events from it.
  ☆18Updated 3 years ago
• hasherezade / flareon2023
  ☆25Updated 10 months ago
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆31Updated last year
• NtQuerySystemInformation / Malware-RE-papers
  Here are some of my malware reversing papers that I will be publishing
  ☆30Updated 2 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• mrexodia / MBR
  EDR PoC WIP LLC
  ☆10Updated 7 months ago
• h311d1n3r / LetsHook
  A Windows API hooking library !
  ☆30Updated 2 years ago
• Dump-GUY / Python3---Binary-Data-Manipulation
  Python 3 - Manipulation and conversation with different data type (Bytes operations)
  ☆26Updated 2 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• namazso / PEDiffGen
  Subtract one PE file from another!
  ☆19Updated 2 years ago
• 0vercl0k / KEPaboo
  Neutralize KEPServerEX anti-debugging techniques
  ☆30Updated last year
• Pusty / Obfuscat
  Obfuscat is a tool and framework for obfuscation with predictable size and runtime overhead.
  ☆33Updated 8 months ago
• milankovo / hexinlay
  Inlay hints for hex-rays
  ☆18Updated this week
• malware-unicorn / pteroioctl-hook
  A driver to implement IOCTL hooking
  ☆23Updated 2 years ago
• connormcgarr / Presentations
  ☆25Updated 9 months ago
• Xienim / Delphi-Kawaii
  Delphi-Kawaii is a plugin for Ida Pro.
  ☆16Updated last year
• P1tt1cus / FastSymApi
  FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval.
  ☆17Updated this week
• n1ght-w0lf / pe-unmapper
  A small tool to unmap PE memory dumps.
  ☆11Updated 10 months ago
• x0r19x91 / code-injection
  ☆12Updated this week
• Foolish1337 / kernel-programming
  Progress of learning kernel development
  ☆13Updated last year
• alexander-hanel / RenameLocalVars
  RenameLocalVars is an IDA plugin that renames local variables to something easier to read.
  ☆15Updated last year
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆27Updated 2 years ago
• gabriellandau / CISpotter
  Code Integrity Violation Spotter
  ☆16Updated 3 months ago
• uf0o / PyKD
  PyKD DLLs for x86 and x64 platforms
  ☆14Updated last year
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆57Updated last year