Fare9 / ANBU
ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.
☆89Updated 5 years ago
Alternatives and similar repositories for ANBU:
Users that are interested in ANBU are comparing it to the libraries listed below
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆120Updated 4 years ago
- Flare-On solutions☆36Updated 5 years ago
- ☆51Updated 6 years ago
- Parsers for custom malware formats ("Funky malware formats")☆93Updated 3 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆84Updated 2 years ago
- IDA Pro resources, scripts, and configurations☆111Updated 11 months ago
- Hansel - a simple but flexible search for IDA☆26Updated 5 years ago
- Use angr inside the radare2 debugger. Create an angr state from the current debugger state.☆34Updated 5 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers☆93Updated 3 years ago
- ☆99Updated 8 months ago
- Simple library to spray the Windows Kernel Pool☆107Updated 5 years ago
- pyGoRE - Python library for analyzing Go binaries☆64Updated 3 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆40Updated 5 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆75Updated 10 years ago
- Use ltrace with pwnlib.tubes.process instances, useful for heap exploitation. Pwntools rocks!☆52Updated 6 years ago
- ☆26Updated 10 years ago
- ☆89Updated 5 years ago
- kernel pool windbg extension☆80Updated 9 years ago
- Windows API tracer for malware (oldname: unitracer)☆117Updated 7 years ago
- Static unpacker for FinSpy VM☆99Updated 3 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆181Updated 4 years ago
- Exploit code used for the HackSysExtremeVulnerableDriver.☆43Updated 6 years ago
- Python based angr plug in for IDA Pro.☆34Updated 7 years ago
- IDARay is an IDA Pro plugin that matches the database against multiple YARA files which themselves may contain multiple rules.☆18Updated 6 years ago
- A set of scripts for a radare-based malware code analysis workflow☆67Updated 6 years ago
- A Python tool to generate ROP chains☆60Updated last month
- POC viruses I have created to demo some ideas☆59Updated 4 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆73Updated 5 years ago
- Binary Ninja plugin that syncs WinDbg to Binary Ninja☆47Updated 6 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆71Updated 7 years ago