advanced-threat-research/GhidraScripts external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

advanced-threat-research/GhidraScripts

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/advanced-threat-research/GhidraScripts)

Close

advanced-threat-research / GhidraScriptsView on GitHubMore

• External links
• Readme badge

Scripts to run within Ghidra, maintained by the Trellix ARC team

☆128Jul 1, 2025Updated 10 months ago

Alternatives and similar repositories for GhidraScripts

Users that are interested in GhidraScripts are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• advanced-threat-research / BSim

  View on GitHub
  BSim signatures and databases for Ghidra to recover function symbols with
  ☆16Jul 11, 2024Updated last year
• advanced-threat-research / FIDBs

  View on GitHub
  FunctionID databases for Ghidra to recover function symbols with from stripped binaries
  ☆15Jun 19, 2024Updated last year
• itwaseasy / ghidra-fid-generator

  View on GitHub
  ☆11Dec 31, 2023Updated 2 years ago
• d-we / binja-golang-symbol-restore

  View on GitHub
  Binary Ninja plugin for restoring function names from stripped Golang binaries
  ☆14Oct 19, 2020Updated 5 years ago
• flounderK / ghidra_scripts

  View on GitHub
  ☆13Jan 28, 2026Updated 4 months ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• qtc-de / rpv-web

  View on GitHub
  rpv-web is a browser based frontend for the rpv library
  ☆28Nov 21, 2025Updated 6 months ago
• mandiant / dncil

  View on GitHub
  The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
  ☆175May 18, 2026Updated last week
• mandiant / GoReSym

  View on GitHub
  Go symbol recovery tool
  ☆996Mar 6, 2026Updated 2 months ago
• clearbluejar / ghidriff

  View on GitHub
  Python Command-Line Ghidra Binary Diffing Engine
  ☆769May 11, 2026Updated 2 weeks ago
• airbus-cyber / ghidralligator

  View on GitHub
  ☆327Jun 20, 2024Updated last year
• cyberkaida / golang-ghidra

  View on GitHub
  A Ghidra extension for Golang analysis
  ☆32May 21, 2023Updated 3 years ago
• nccgroup / ghostrings

  View on GitHub
  Ghidra scripts for recovering string definitions in Go binaries
  ☆133Nov 25, 2025Updated 6 months ago
• quarkslab / qbindiff

  View on GitHub
  Quarkslab Bindiffer but not only !
  ☆226May 5, 2025Updated last year
• EgeBalci / syscall_api

  View on GitHub
  ☆38Jun 5, 2023Updated 2 years ago
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• nbaertsch / nimHeapEnc

  View on GitHub
  Heap encryption in Nim
  ☆21Aug 25, 2024Updated last year
• 0xdea / ghidra-scripts

  View on GitHub
  A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.
  ☆299Jan 31, 2026Updated 3 months ago
• 0x6d696368 / ghidra_scripts

  View on GitHub
  Ghidra scripts such as a RC4 decrypter, Yara search, stack string decoder, etc.
  ☆160Feb 22, 2020Updated 6 years ago
• gipi / ghidra_scripts

  View on GitHub
  ☆18Dec 13, 2022Updated 3 years ago
• antoniovazquezblanco / GhidraFindcrypt

  View on GitHub
  Ghidra analysis plugin to locate cryptographic constants
  ☆84May 18, 2026Updated last week
• diommsantos / QtREAnalyzer

  View on GitHub
  QtREAnalyzer, a Ghidra extension to reverse-engineer Qt binaries.
  ☆133Apr 27, 2025Updated last year
• msm-code / ghidralib

  View on GitHub
  A Pythonic Ghidra standard library
  ☆189Feb 6, 2026Updated 3 months ago
• getCUJO / ThreatIntel

  View on GitHub
  ☆210Feb 19, 2025Updated last year
• nccgroup / Cartographer

  View on GitHub
  Code Coverage Exploration Plugin for Ghidra
  ☆381Jul 19, 2024Updated last year
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• bigsnarfdude / Malware-Probabilistic-Data-Structres

  View on GitHub
  NSRL BloomFilter, Mandiant BloomFilter, Hyperloglog Malware Data Structure
  ☆15Mar 14, 2014Updated 12 years ago
• malpedia / malpedia-flossed

  View on GitHub
  FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.
  ☆80Jan 6, 2026Updated 4 months ago
• usualsuspect / yara_vt_mock

  View on GitHub
  Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing
  ☆24May 29, 2023Updated 3 years ago
• cispa / indirect-meltdown

  View on GitHub
  Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (…
  ☆22Sep 24, 2023Updated 2 years ago
• embee-research / CyberChef

  View on GitHub
  ☆16Mar 22, 2023Updated 3 years ago
• cmu-sei / kaiju

  View on GitHub
  CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is a "mirror" -- p…
  ☆141Mar 9, 2026Updated 2 months ago
• NyaMisty / ghidra_ida_til

  View on GitHub
  GDT (Ghidra Data Type) generated from IDA tils
  ☆21Mar 10, 2023Updated 3 years ago
• jpleasu / ghidraal

  View on GitHub
  A Ghidra extension for scripting with GraalVM languages, including Javascript, Python3, R, and Ruby.
  ☆63Apr 27, 2021Updated 5 years ago
• NextronSystems / gimphash

  View on GitHub
  Imphash-like calculation on Golang binaries
  ☆50Jul 2, 2022Updated 3 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• binarly-io / ToolsAndPoCs

  View on GitHub
  BINARLY Research Tools and PoCs
  ☆39Sep 27, 2024Updated last year
• 7eRoM / tutorials

  View on GitHub
  ☆17May 7, 2025Updated last year
• WithSecureLabs / GarbageMan

  View on GitHub
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆120Apr 8, 2023Updated 3 years ago
• 8051Enthusiast / allyourbase

  View on GitHub
  Finds the base address of a firmware by comparing string addresses with target pointer addresses
  ☆55Mar 9, 2025Updated last year
• rbmm / TL-TASK

  View on GitHub
  ☆19Sep 17, 2025Updated 8 months ago
• the2dl / chronicle_detection_public

  View on GitHub
  Public Chronicle Detection Rules
  ☆12Apr 25, 2023Updated 3 years ago
• VoidSec / VulnerableWindowsDrivers

  View on GitHub
  A collection of Vulnerable Windows Drivers
  ☆16Dec 4, 2021Updated 4 years ago