GlacierW / MBA
Malware Behavior Analyzer
☆158 Updated 7 years ago
Related projects
Alternatives and complementary repositories for MBA
- ☆91 Updated 8 years ago
- Windows API tracer for malware (oldname: unitracer) ☆116 Updated 7 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based ) ☆132 Updated 8 years ago
- ☆112 Updated 8 years ago
- Automated malware unpacker ☆118 Updated 8 years ago
- PEDA-like debugger UI for WinDbg ☆201 Updated 7 months ago
- flare-dbg is a project meant to aid malware reverse engineers in rapidly developing debugger scripts. ☆148 Updated 7 years ago
- zer0m0n driver for cuckoo sandbox ☆87 Updated 8 years ago
- DEFCON CTF 2017 Stuff of Shit by HITCON ☆94 Updated 7 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking. ☆88 Updated 5 years ago
- Automatically rebuild Import Address Table for dumped PE file. With python bindings! ☆115 Updated 5 years ago
- Toolkit for enriching and speeding up static malware analysis ☆165 Updated 2 years ago
- A set of scripts for a radare-based malware code analysis workflow ☆67 Updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats") ☆92 Updated 2 years ago
- C++ application that uses memory and code hooks to detect packers ☆268 Updated 6 years ago
- grap: define and match graph patterns within binaries ☆169 Updated 3 years ago
- IDAtropy is a plugin for Hex-Rays' IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplot… ☆135 Updated 3 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching) ☆180 Updated 5 years ago
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw ☆136 Updated 7 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis ☆83 Updated 2 years ago
- Supporting Files on my analysis of the malware designated hdroot. ☆59 Updated 7 years ago
- C++-based shellcode builder ☆112 Updated 4 years ago
- A x86 systematic ROP payload generation ☆57 Updated 4 years ago
- Elevation of privilege detector based on HyperPlatform ☆117 Updated 7 years ago
- A pintool in order to unpack malware ☆227 Updated 8 years ago
- A set of exploitation/reversing aids for IDA ☆415 Updated 6 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType. ☆105 Updated 11 months ago
- A Lightweight Malware Configuration Parsing Tool ☆15 Updated 5 years ago