NozomiNetworks / upx-recovery-tool

Related projects ⓘ

Alternatives and complementary repositories for upx-recovery-tool

• alexander-hanel / msdocsviewer
  msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.
  ☆148Updated 10 months ago
• Sentinel-One / peafl64
  Static Binary Instrumentation tool for Windows x64 executables
  ☆180Updated last week
• thalium / symless
  ☆180Updated last year
• malwarefrank / dnfile
  Parse .NET executable files.
  ☆74Updated 3 weeks ago
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆79Updated last year
• KasperskyLab / Apihashes
  IDA Pro plugin for recognizing known hashes of API function names
  ☆81Updated 2 years ago
• OALabs / hashdb-ida
  HashDB API hash lookup plugin for IDA Pro
  ☆296Updated 3 weeks ago
• commial / ttd-bindings
  Bindings for Microsoft WinDBG TTD
  ☆200Updated last year
• jk45054 / CTF-writeups
  Writeups for CTF challenges
  ☆30Updated 11 months ago
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆113Updated last year
• junron / auto-enum
  IDA/Binary Ninja Plugin to automatically identify and set enums for standard functions
  ☆342Updated last week
• allthingsida / allthingsida
  Repository for the code snippets from the AllThingsIDA video channel
  ☆88Updated 3 weeks ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆109Updated 3 months ago
• LAC-Japan / IDA_Plugin_AntiDebugSeeker
  Automatically identify and extract potential anti-debugging techniques used by malware.
  ☆116Updated 2 weeks ago
• leandrofroes / gftrace
  A command line Windows API tracing tool for Golang binaries.
  ☆147Updated 11 months ago
• sha0coder / scemu
  x86 malware emulator
  ☆200Updated this week
• pan-unit42 / dotnetfile
  ☆99Updated 11 months ago
• OALabs / hexcopy-ida
  IDA plugin for quickly copying disassembly as encoded hex bytes
  ☆58Updated 2 years ago
• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆343Updated last week
• waleedassar / SimpleNTSyscallFuzzer
  ☆131Updated 9 months ago
• airbus-cert / yara-ttd
  Use YARA rules on Time Travel Debugging traces
  ☆85Updated last year
• hasherezade / pe_unmapper
  Small tool to convert beteween the PE alignments (raw and virtual).
  ☆81Updated last year
• danielplohmann / idascope
  An IDA Pro extension for easier (malware) reverse engineering
  ☆110Updated 2 years ago
• huettenhain / ghidradark
  How to retro theme your Ghidra
  ☆28Updated last week
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆100Updated 2 weeks ago
• hugsy / recon_2024_windbg_workshop
  ☆71Updated 4 months ago
• alexander-hanel / unicorn-engine-notes
  Notes on using the Python bindings for the Unicorn Engine
  ☆69Updated 4 years ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆62Updated 6 months ago
• mandiant / dncil
  The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
  ☆158Updated this week