Mipu94 / BroIDS_Unicorn
simple plugin to detect shellcode on Bro IDS with Unicorn
☆33Updated 8 years ago
Alternatives and similar repositories for BroIDS_Unicorn:
Users that are interested in BroIDS_Unicorn are comparing it to the libraries listed below
- Malware Fragmentation Tool its a tool that simply fragment the PE file and it can disassemble the PE file, etc this tool very useful for…☆36Updated 9 years ago
- Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis☆42Updated 8 years ago
- Memory forensics of virtualization environments☆46Updated 10 years ago
- Test suite for bypassing Malware sandboxes.☆39Updated 10 years ago
- library to decode/parse zeus-like configuration files☆29Updated 6 years ago
- ☆32Updated 8 months ago
- Framework to automatically test and explore the capabilities of generic AV engines☆70Updated 6 years ago
- QEMU with rVMI extensions☆25Updated 7 years ago
- POC for IAT Parsing Payloads☆47Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 8 years ago
- Volatility Plugins☆21Updated 9 years ago
- Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"☆26Updated 5 years ago
- a collection of yara rules for binary analysis☆24Updated 7 years ago
- Binary Analysis Platform☆73Updated 11 years ago
- Archive Mirror for recently republished PoC/Exploit code☆17Updated 7 years ago
- Mal Tindex is an Open Source tool for indexing binaries and help attributing malware campaigns☆67Updated 7 years ago
- API functions for Malware Research☆35Updated 5 years ago
- Command-line Interface for Binar.ly☆37Updated 8 years ago
- Identify botnet panels with Ensembled Decision Trees☆18Updated 8 years ago
- Haskell parser for the REIL intermediate language (currently a work-in-progress)☆11Updated 7 years ago
- Analysis PE file or Shellcode☆49Updated 8 years ago
- ☆33Updated 9 years ago
- Malware.lu configuration extractor☆24Updated 10 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- IDATACO IDA Pro Plugin☆47Updated 8 years ago
- zer0m0n driver for cuckoo sandbox☆21Updated 10 years ago
- Run a windows process with many inputs and catch exit codes☆14Updated 9 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- r2yara - Module for Yara using radare2 information☆34Updated last year
- IDA Pro plugin that rename functions on load, based on functionality☆19Updated 7 years ago