SouhailHammou / IDARay-PluginLinks
IDARay is an IDA Pro plugin that matches the database against multiple YARA files which themselves may contain multiple rules.
☆18Updated 6 years ago
Alternatives and similar repositories for IDARay-Plugin
Users that are interested in IDARay-Plugin are comparing it to the libraries listed below
Sorting:
- Hansel - a simple but flexible search for IDA☆26Updated 6 years ago
- A python script that can be used to scan data within in an IDB using Yara.☆23Updated 6 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆42Updated 5 years ago
- ☆100Updated last year
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆92Updated 6 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆75Updated 10 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆74Updated 6 years ago
- Use this library to automatically extract PE files compressed with aplib from a binary blob.☆34Updated 6 years ago
- Automated library compilation and PDB annotation with CMake and IDA Pro☆22Updated 6 years ago
- IDA Pro resources, scripts, and configurations☆114Updated last month
- ☆52Updated 6 years ago
- IDA python plugin to scan binary with Yara rules☆177Updated last year
- ida python scripts☆23Updated 7 years ago
- Flare-On solutions☆36Updated 5 years ago
- ☆23Updated 6 years ago
- ☆71Updated last year
- libemu shim layer and win32 environment for Unicorn Engine☆72Updated 8 years ago
- Yet another rule generator for Yara☆29Updated last month
- Analyses in IDA/Hex-Rays☆84Updated 2 years ago
- An IDA Pro extension for easier (malware) reverse engineering☆115Updated 3 years ago
- Static unpacker for FinSpy VM☆101Updated 4 years ago
- Capa analysis importer for Ghidra.☆62Updated 4 years ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆120Updated 10 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- ☆99Updated last year
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆111Updated last year
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆120Updated 6 years ago
- Tools for static and dynamic analysis of ActionScript3 SWF files.☆46Updated 6 years ago
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- This IDAPython script tags subroutines according to their use of imported functions☆73Updated 4 years ago