GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
☆119Apr 8, 2023Updated 2 years ago
Alternatives and similar repositories for GarbageMan
Users that are interested in GarbageMan are comparing it to the libraries listed below
Sorting:
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆171Mar 9, 2026Updated last week
- ☆116Feb 13, 2026Updated last month
- MalUnpack companion driver☆98Jun 17, 2024Updated last year
- Parse .NET executable files.☆85Jan 31, 2026Updated last month
- IDA Pro plugin for recognizing known hashes of API function names☆83May 12, 2022Updated 3 years ago
- GeMU, the generic malware unpacker based on QEMU☆24Feb 10, 2026Updated last month
- ☆37Dec 27, 2021Updated 4 years ago
- Dynamic unpacker based on PE-sieve☆797Sep 13, 2025Updated 6 months ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.☆58May 24, 2021Updated 4 years ago
- An automatic unpacker and logger for DotNet Framework targeting files☆264Aug 23, 2023Updated 2 years ago
- A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.☆94Apr 17, 2022Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆113Apr 20, 2021Updated 4 years ago
- Source Code of MSIL Ransom☆14Feb 11, 2023Updated 3 years ago
- ETW based POC to identify direct and indirect syscalls☆189Apr 19, 2023Updated 2 years ago
- ☆20Jul 23, 2023Updated 2 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆856Feb 2, 2024Updated 2 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆19Jul 15, 2021Updated 4 years ago
- Imphash-like calculation on Golang binaries☆49Jul 2, 2022Updated 3 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆17Oct 8, 2016Updated 9 years ago
- A utility to fix intentionally corrupted UPX packed files.☆93May 22, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- A DTrace on Windows Reimplementation☆372Mar 12, 2026Updated last week
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Jun 14, 2022Updated 3 years ago
- ☆182Apr 24, 2025Updated 10 months ago
- Inject .NET assemblies into an existing process☆507Jan 19, 2022Updated 4 years ago
- A command line Windows API tracing tool for Golang binaries.☆159Dec 4, 2023Updated 2 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆142Sep 19, 2022Updated 3 years ago
- C# version of MDSec's ParallelSyscalls☆142Jan 9, 2022Updated 4 years ago
- Killing your preferred antimalware by abusing native symbolic links and NT paths.☆359Jan 29, 2022Updated 4 years ago
- .NET Assembly Dumper☆999Feb 2, 2023Updated 3 years ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆263Apr 29, 2023Updated 2 years ago
- [deprecated] Simple x64dbg plugin to save a full memory dump☆50Oct 10, 2022Updated 3 years ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆58Sep 15, 2025Updated 6 months ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- A collection of vibe reverse engineered binaries and malware (for educational purposes only)☆40Mar 3, 2026Updated 2 weeks ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆12Oct 1, 2022Updated 3 years ago
- High Octane Triage Analysis☆824Updated this week
- A simple dnSpy extension for easily renaming members.☆20May 27, 2023Updated 2 years ago