Rule Engine for Dynamic Malware Analysis and Research
☆25Apr 16, 2025Updated 10 months ago
Alternatives and similar repositories for alca
Users that are interested in alca are comparing it to the libraries listed below
Sorting:
- Collection of Cheat dumps for Research and Detection.☆16Jan 4, 2026Updated last month
- RE for champions☆15Updated this week
- PDB Rewriting Rust Library☆27Apr 26, 2024Updated last year
- A simple plugin for working with Swift Strings, optimized Swift Strings, and Swift Arrays during the reverse engineering of iOS binaries …☆22Jun 5, 2025Updated 8 months ago
- OFFZONE 2024 Malware Persistence workshop☆22Dec 18, 2024Updated last year
- Rust implementation of the rectcut algorithm described in https://halt.software/dead-simple-layouts/☆18Feb 13, 2023Updated 3 years ago
- Mixed Boolean Arithmetic Simplification using E-Graphs☆24May 1, 2025Updated 10 months ago
- Pure Go port of Hacker Disassembler Engine.☆25Feb 21, 2025Updated last year
- Short Python script for parsing Defender VDM signature files.☆10Sep 22, 2024Updated last year
- Tracks cross references and allows fast viewing of pseudocode between references☆13Mar 10, 2025Updated 11 months ago
- Plugin interface for remote communications with Binary Ninja database and MCP server for interfacing with LLMs.☆59Feb 21, 2026Updated last week
- an obfuscator based on LLVM which can obfuscate the program execution trajectory☆107Mar 15, 2021Updated 4 years ago
- Generate Proxy DLLs in Rust☆48Updated this week
- Port of zentool to Windows☆27Mar 7, 2025Updated 11 months ago
- Windows Minidump loader for Ghidra☆29Sep 30, 2022Updated 3 years ago
- Self-hosting binary instrumentation framework for security research☆12Apr 10, 2023Updated 2 years ago
- Develop macOS apps on Windows with seamless cross-platform tools.☆15Jun 5, 2025Updated 8 months ago
- A Delphi symbol name recovery tool for reverse engineers.☆23Jan 17, 2026Updated last month
- Small micro-coded RISC-V softcore☆15Nov 27, 2018Updated 7 years ago
- ☆13Jun 20, 2022Updated 3 years ago
- Pure-Python HashLink bytecode Swiss Army knife.☆22Nov 11, 2025Updated 3 months ago
- The trashvisor☆12Oct 25, 2020Updated 5 years ago
- The Binary Code Recognition Library for game hacking/modding and function reidentification for linux☆13Jan 25, 2026Updated last month
- Quickly find differences and similarities in disassembled code☆40Nov 21, 2024Updated last year
- WASMaker, a novel differential testing framework that can generate complicated Wasm test cases by disassembling and assembling real-world…☆17Jul 27, 2024Updated last year
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- Output high level Pcode (PcodeAST) in Ghidra☆16Apr 7, 2023Updated 2 years ago
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 8 months ago
- a cute hook framwork(now for arm64)☆30Nov 28, 2017Updated 8 years ago
- A compiler for microarchitectural weird machines☆19Aug 10, 2024Updated last year
- ☆31Feb 28, 2025Updated last year
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆140Apr 12, 2024Updated last year
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆42Aug 6, 2024Updated last year
- Tiny C x86_64 function detouring library.☆28Jan 18, 2026Updated last month
- Ctrl+P plugin for Ghidra: quick search and command palette.☆36Dec 29, 2024Updated last year
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Ghidra plugin that adds a window showing the high P-code for the current function.☆19Mar 11, 2023Updated 2 years ago
- Vibe Malware Triage - MCP server for static PE analysis.☆75Dec 1, 2025Updated 3 months ago
- Plugin for ida pro that copies RVA under cursor to clipboard.☆17Jul 28, 2023Updated 2 years ago