High Octane Triage Analysis
☆817Updated this week
Alternatives and similar repositories for refinery
Users that are interested in refinery are comparing it to the libraries listed below
Sorting:
- A Binary Genetic Traits Lexer Framework☆522Aug 14, 2025Updated 6 months ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆855Feb 2, 2024Updated 2 years ago
- Windows kernel and user mode emulation.☆1,852Feb 19, 2026Updated last week
- Malduck is your ducky companion in malware analysis journeys☆349Jun 22, 2025Updated 8 months ago
- The FLARE team's open-source tool to identify capabilities in executable files.☆5,844Updated this week
- Dynamic unpacker based on PE-sieve☆796Sep 13, 2025Updated 5 months ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆693Feb 19, 2026Updated last week
- Quickly debug shellcode extracted during malware analysis☆626May 23, 2023Updated 2 years ago
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…☆3,548Jan 20, 2026Updated last month
- YARA malware query accelerator (web frontend)☆437Feb 3, 2026Updated 3 weeks ago
- Imphash-like calculation on Golang binaries☆49Jul 2, 2022Updated 3 years ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,897Updated this week
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Sep 19, 2022Updated 3 years ago
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…☆2,313Oct 31, 2025Updated 3 months ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,562Oct 31, 2025Updated 3 months ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,118Jul 10, 2024Updated last year
- Rapidly Search and Hunt through Windows Forensic Artefacts☆3,452Feb 14, 2026Updated last week
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆171Feb 5, 2026Updated 3 weeks ago
- A Pin Tool for tracing API calls etc☆1,620Feb 8, 2026Updated 2 weeks ago
- A machine learning tool that ranks strings based on their relevance for malware analysis.☆752Jan 22, 2026Updated last month
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆262Mar 27, 2023Updated 2 years ago
- A GUI and CLI tool for removing bloat from executables☆442Jul 5, 2025Updated 7 months ago
- Assortment of hashing algorithms used in malware☆391Feb 8, 2026Updated 2 weeks ago
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 5 months ago
- Malware Configuration And Payload Extraction☆3,019Feb 19, 2026Updated last week
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system☆1,266Feb 20, 2026Updated last week
- Distributed malware processing framework based on Python, Redis and S3.☆461Dec 1, 2025Updated 2 months ago
- Hardcore Debugging☆931Jan 6, 2026Updated last month
- Materials for Windows Malware Analysis training (volume 1)☆2,026Jul 1, 2024Updated last year
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆119Apr 8, 2023Updated 2 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆585May 5, 2024Updated last year
- A golang CLI tool to download malware from a variety of sources.☆151Jul 3, 2025Updated 7 months ago
- Automatically generate AV byte signatures from sets of similar binaries.☆287Dec 10, 2024Updated last year
- Alternative YARA scanning engine☆73Aug 23, 2022Updated 3 years ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆477Jun 25, 2025Updated 8 months ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆141Nov 19, 2023Updated 2 years ago
- The FLARE team's open-source extension to add Python 3 scripting to Ghidra.☆776May 8, 2024Updated last year
- yarGen is a generator for YARA rules☆1,776Jan 10, 2026Updated last month
- Chepy is a python lib/cli equivalent of the awesome CyberChef tool.☆1,029Feb 17, 2026Updated last week