Scripts to run within Ghidra, maintained by the Trellix ARC team
☆127Jul 1, 2025Updated 8 months ago
Alternatives and similar repositories for GhidraScripts
Users that are interested in GhidraScripts are comparing it to the libraries listed below
Sorting:
- BSim signatures and databases for Ghidra to recover function symbols with☆13Jul 11, 2024Updated last year
- FunctionID databases for Ghidra to recover function symbols with from stripped binaries☆15Jun 19, 2024Updated last year
- ☆12Jan 28, 2026Updated last month
- Python Command-Line Ghidra Binary Diffing Engine☆741Sep 25, 2025Updated 5 months ago
- ☆11Dec 31, 2023Updated 2 years ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆171Mar 2, 2026Updated last week
- Go symbol recovery tool☆939Updated this week
- This tool bruteforces the file offset and base load address for a raw binary program file☆17Dec 31, 2025Updated 2 months ago
- ☆330Jun 20, 2024Updated last year
- QtREAnalyzer, a Ghidra extension to reverse-engineer Qt binaries.☆131Apr 27, 2025Updated 10 months ago
- Finds the base address of a firmware by comparing string addresses with target pointer addresses☆53Mar 9, 2025Updated 11 months ago
- Ghidra scripts for recovering string definitions in Go binaries☆128Nov 25, 2025Updated 3 months ago
- rpv-web is a browser based frontend for the rpv library☆27Nov 21, 2025Updated 3 months ago
- A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.☆289Jan 31, 2026Updated last month
- Quarkslab Bindiffer but not only !☆219May 5, 2025Updated 10 months ago
- ☆18Dec 13, 2022Updated 3 years ago
- Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (…☆22Sep 24, 2023Updated 2 years ago
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- Ghidra analysis plugin to locate cryptographic constants☆81Mar 2, 2026Updated last week
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.☆73Jan 6, 2026Updated 2 months ago
- Code Coverage Exploration Plugin for Ghidra☆376Jul 19, 2024Updated last year
- A Pythonic Ghidra standard library☆187Feb 6, 2026Updated last month
- Read out-of-bounds PoC for miniupnpd <= v2.1☆21Jan 31, 2019Updated 7 years ago
- Ghidra Headless Python VScode Skeleton with Devcontainer Super Powers☆61Jun 27, 2025Updated 8 months ago
- ☆210Feb 19, 2025Updated last year
- Remote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of …☆48Feb 12, 2024Updated 2 years ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆128Feb 11, 2025Updated last year
- ThingFinder is a tool designed to facilitate searching and analysing code, whether it's source code or compiled binary executables. It pr…☆40Jun 16, 2024Updated last year
- CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is a "mirror" -- p…☆136Feb 11, 2026Updated 3 weeks ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing☆24May 29, 2023Updated 2 years ago
- Ghidra scripts such as a RC4 decrypter, Yara search, stack string decoder, etc.☆160Feb 22, 2020Updated 6 years ago
- decode bits into bytes☆46Apr 30, 2020Updated 5 years ago
- This repository contains relevant samples and data related to "Malware Reverse Engineering for Beginners" articles.☆63Feb 8, 2022Updated 4 years ago
- The FLARE team's open-source extension to add Python 3 scripting to Ghidra.☆778May 8, 2024Updated last year
- A Ghidra extension for Golang analysis☆29May 21, 2023Updated 2 years ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆28Jun 2, 2024Updated last year
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆28Feb 15, 2022Updated 4 years ago
- QEMU support for a custom board based on a Microchip ATSAMD21G18A microcontroller (MCU)☆14Jun 10, 2024Updated last year
- Imphash-like calculation on Golang binaries☆49Jul 2, 2022Updated 3 years ago