buffer / libemu
x86 emulation and shellcode detection
☆138Updated 5 months ago
Related projects: ⓘ
- ☆112Updated 8 years ago
- ☆149Updated this week
- Generating YARA rules based on binary code☆198Updated 2 years ago
- Automatically generate AV byte signatures from sets of similar binaries.☆256Updated 7 months ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆104Updated 3 years ago
- A Libemu Cython wrapper☆125Updated 9 months ago
- FLARE Kernel Shellcode Loader☆176Updated 5 years ago
- zer0m0n driver for cuckoo sandbox☆87Updated 8 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆128Updated last year
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆115Updated 5 years ago
- Windows API tracer for malware (oldname: unitracer)☆116Updated 6 years ago
- Parsers for custom malware formats ("Funky malware formats")☆92Updated 2 years ago
- A tool to detect and crash Cuckoo Sandbox☆286Updated last month
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆155Updated last month
- Transfer EIP control to shellcode during malware analysis investigation☆73Updated 9 years ago
- Smart DLL execution for malware analysis in sandbox systems☆141Updated 9 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆83Updated 2 years ago
- ☆134Updated 5 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆88Updated 5 years ago
- Fork of mona.py with x64dbg support☆95Updated 2 years ago
- A Yara rule generator for finding related samples and hunting☆155Updated 2 years ago
- Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.☆202Updated 10 years ago
- Automated malware unpacker☆118Updated 8 years ago
- DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior☆266Updated 4 years ago
- ☆203Updated this week
- Parsing of YARA rules into AST and building new rulesets in C++.☆115Updated 2 weeks ago
- Various Yara signatures (possibly to be included in a release later).☆83Updated 5 years ago
- Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.☆161Updated last year
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆278Updated 7 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆117Updated 4 years ago