alexander-hanel / gopep
Go Lang Portable Executable Parser
☆37Updated 3 years ago
Related projects: ⓘ
- WIP Emotet Control Flow Unflattening using miasm and radare2☆22Updated last year
- ☆66Updated last year
- Capa analysis importer for Ghidra.☆61Updated 3 years ago
- A collection of shellcode hashes☆17Updated 6 years ago
- Tools for inspecting YARA bytecode☆15Updated 4 years ago
- Scripts, Yara rules and other files developed during malware investigations☆24Updated 2 years ago
- Flare-On solutions☆36Updated 4 years ago
- TA505 unpacker Python 2.7☆45Updated 4 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆38Updated 4 years ago
- Parsers for custom malware formats ("Funky malware formats")☆92Updated 2 years ago
- Ebfuscator: Abusing system errors for binary obfuscation☆52Updated 4 years ago
- Yet another rule generator for Yara☆24Updated 4 years ago
- TrashDBG the world's worse debugger☆24Updated 2 years ago
- ☆26Updated 5 years ago
- Hansel - a simple but flexible search for IDA☆25Updated 5 years ago
- Radare2 Metadata Extraction to Elasticsearch☆21Updated 3 months ago
- Use this library to automatically extract PE files compressed with aplib from a binary blob.☆32Updated 5 years ago
- Converts exported results of CAPA tool from .json format to another formats supporting by different tools.☆21Updated 2 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆73Updated 9 years ago
- ☆25Updated last year
- ☆18Updated 3 years ago
- Process reimaging proof of concept code☆95Updated 5 years ago
- Shim database persistence (Fin7 TTP)☆35Updated 4 years ago
- ☆23Updated 4 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 3 years ago
- Import DynamoRIO drcov code coverage data into Ghidra☆41Updated 8 months ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆88Updated 5 years ago
- Decode Royal Road RTF Weaponizer 8.t object☆22Updated 2 months ago
- A repository where I share my injection implemintations☆28Updated 4 years ago
- POC viruses I have created to demo some ideas☆58Updated 4 years ago