airbus-cert / yara-ttd
Use YARA rules on Time Travel Debugging traces
☆96 · Jul 11, 2023 · Updated 2 years ago
Alternatives and similar repositories for yara-ttd
Users that are interested in yara-ttd are comparing it to the libraries listed below
- This tool calculates tricky canonical huffman histogram for CVE-2023-4863. ☆26 · Dec 20, 2023 · Updated 2 years ago
- Extract data of TTD trace file to a minidump ☆31 · Jul 31, 2023 · Updated 2 years ago
- ☆17 · Jun 30, 2020 · Updated 5 years ago
- Automatically generate AV byte signatures from sets of similar binaries. ☆286 · Dec 10, 2024 · Updated last year
- A python library for generate ida pro files (*.idb/*.i64) in batch mode & compare executable files use bindiff in batch mode. ☆32 · Jul 9, 2025 · Updated 7 months ago
- Tools for offensive security of NetBackup infrastructures ☆43 · Jun 6, 2023 · Updated 2 years ago
- Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance. ☆15 · May 12, 2023 · Updated 2 years ago
- PoC compilation of libyara into WASM, for potential future CyberChef integration ☆14 · Sep 18, 2022 · Updated 3 years ago
- Official VirusTotal plugin for IDA Pro ☆177 · Feb 4, 2026 · Updated last week
- On the matter of Intel and AMD instructions behaving differently ☆62 · Apr 15, 2022 · Updated 3 years ago
- Bindings for Microsoft WinDBG TTD ☆234 · Aug 5, 2023 · Updated 2 years ago
- FastSymApi - A Fast API PDB Symbol Cache Server that efficiently caches and compresses PDBs on disk for quick and repeated retrieval. ☆19 · Updated this week
- Show all mapped memory in a process ☆21 · Oct 27, 2023 · Updated 2 years ago
- UC-based heuristic antivirus engine [not finished yet] ☆35 · Mar 28, 2021 · Updated 4 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces ☆31 · Oct 7, 2022 · Updated 3 years ago
- Python tool to check rootkits in Windows kernel ☆207 · Aug 20, 2025 · Updated 5 months ago
- A Linux security product intended to meet personal security needs, with SSH brute-force protection and SYN attack/scan protection; based on netfilter. ☆23 · Dec 2, 2023 · Updated 2 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation ☆80 · Aug 7, 2024 · Updated last year
- IDA Pro plugin for recognizing known hashes of API function names ☆83 · May 12, 2022 · Updated 3 years ago
- Time Travel Debugging IDA plugin ☆593 · Jun 27, 2024 · Updated last year
- Use WinDBG to trace the Windows API calls of any Portable Executable file ☆32 · Apr 13, 2017 · Updated 8 years ago
- ☆90 · Feb 12, 2025 · Updated last year
- A Windows kernel dump C++ parser library with Python 3 bindings. ☆213 · Oct 5, 2025 · Updated 4 months ago
- Structured Bindings Pack - serialize C++ structs into MessagePack binary form ☆21 · Nov 4, 2020 · Updated 5 years ago
- POC for CVE-2023-29360 ☆12 · Aug 31, 2024 · Updated last year
- A small tool to unmap PE memory dumps. ☆11 · Nov 9, 2023 · Updated 2 years ago
- A fast execution trace symbolizer for Windows. ☆130 · May 6, 2024 · Updated last year
- ☆21 · Oct 4, 2015 · Updated 10 years ago
- ☆61 · May 25, 2022 · Updated 3 years ago
- Powershell Linter ☆87 · Feb 6, 2026 · Updated last week
- Alternative YARA scanning engine ☆73 · Aug 23, 2022 · Updated 3 years ago
- An eBPF detection program for CVE-2022-0847 ☆29 · Jul 5, 2022 · Updated 3 years ago
- Rust binding for Keystone assembler framework ☆11 · Dec 9, 2018 · Updated 7 years ago
- X32DBG QT5 parsing scripts ☆11 · Sep 8, 2022 · Updated 3 years ago
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec… ☆14 · Jul 19, 2025 · Updated 6 months ago
- Windows Kernel Mode PCRE ☆10 · Feb 4, 2015 · Updated 11 years ago
- Detect VM and Hypervisor ☆10 · Jun 16, 2021 · Updated 4 years ago
- ☆11 · Jan 8, 2022 · Updated 4 years ago
- DbgFlashVul ☆12 · Sep 8, 2015 · Updated 10 years ago