Alternatives and similar repositories for binlex

Users that are interested in binlex are comparing it to the libraries listed below

• c3rb3ru5d3d53c / mwcfg

  View on GitHub
  A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck
  ☆131Nov 25, 2023Updated 2 years ago
• binref / refinery

  View on GitHub
  High Octane Triage Analysis
  ☆808Updated this week
• hasherezade / mal_unpack

  View on GitHub
  Dynamic unpacker based on PE-sieve
  ☆796Sep 13, 2025Updated 5 months ago
• mandiant / speakeasy

  View on GitHub
  Windows kernel and user mode emulation.
  ☆1,837Feb 4, 2026Updated last week
• google / vxsig

  View on GitHub
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆286Dec 10, 2024Updated last year
• mrexodia / dumpulator

  View on GitHub
  An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…
  ☆854Feb 2, 2024Updated 2 years ago
• hasherezade / tiny_tracer

  View on GitHub
  A Pin Tool for tracing API calls etc
  ☆1,612Nov 25, 2025Updated 2 months ago
• danielplohmann / smda

  View on GitHub
  SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
  ☆252Jan 16, 2026Updated 3 weeks ago
• mandiant / dncil

  View on GitHub
  The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
  ☆171Feb 5, 2026Updated last week
• CERT-Polska / malduck

  View on GitHub
  Malduck is your ducky companion in malware analysis journeys
  ☆349Jun 22, 2025Updated 7 months ago
• OALabs / BlobRunner

  View on GitHub
  Quickly debug shellcode extracted during malware analysis
  ☆625May 23, 2023Updated 2 years ago
• mrphrazer / obfuscation_detection

  View on GitHub
  Binary Ninja plugin to identify obfuscated code and other interesting code constructs
  ☆650Mar 14, 2025Updated 11 months ago
• fxb-cocacoding / yara-signator

  View on GitHub
  Automatic YARA rule generation for Malpedia
  ☆168Sep 8, 2022Updated 3 years ago
• fox-it / mkYARA

  View on GitHub
  Generating YARA rules based on binary code
  ☆220Oct 7, 2021Updated 4 years ago
• thalium / icebox

  View on GitHub
  Virtual Machine Introspection, Tracing & Debugging
  ☆595Feb 22, 2022Updated 3 years ago
• tklengyel / drakvuf

  View on GitHub
  DRAKVUF Black-box Binary Analysis
  ☆1,207Feb 1, 2026Updated last week
• danielplohmann / mcrit

  View on GitHub
  The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…
  ☆96Jan 13, 2026Updated last month
• airbus-cert / ttddbg

  View on GitHub
  Time Travel Debugging IDA plugin
  ☆593Jun 27, 2024Updated last year
• carbonblack / binee

  View on GitHub
  Binee: binary emulation environment
  ☆530Feb 25, 2023Updated 2 years ago
• CERT-Polska / mquery

  View on GitHub
  YARA malware query accelerator (web frontend)
  ☆437Feb 3, 2026Updated last week
• mandiant / capa

  View on GitHub
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆5,813Feb 5, 2026Updated last week
• hasherezade / pe-sieve

  View on GitHub
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,550Oct 31, 2025Updated 3 months ago
• avast / yarang

  View on GitHub
  Alternative YARA scanning engine
  ☆73Aug 23, 2022Updated 3 years ago
• unipacker / unipacker

  View on GitHub
  Automatic and platform-independent unpacker for Windows binaries based on emulation
  ☆739Aug 18, 2025Updated 5 months ago
• ergrelet / resym

  View on GitHub
  Cross-platform tool that allows browsing and extracting C and C++ type declarations from PDB files.
  ☆358Feb 9, 2025Updated last year
• CERT-Polska / drakvuf-sandbox

  View on GitHub
  DRAKVUF Sandbox - automated hypervisor-level malware analysis system
  ☆1,263Updated this week
• ergrelet / cpplumber

  View on GitHub
  Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects
  ☆86Oct 2, 2022Updated 3 years ago
• hasherezade / hollows_hunter

  View on GitHub
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,310Oct 31, 2025Updated 3 months ago
• mandiant / capa-rules

  View on GitHub
  Standard collection of rules for capa: the tool for enumerating the capabilities of programs
  ☆685Jan 30, 2026Updated 2 weeks ago
• avast / yari

  View on GitHub
  YARI is an interactive debugger for YARA Language.
  ☆90Sep 10, 2025Updated 5 months ago
• hasherezade / libpeconv

  View on GitHub
  A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
  ☆1,323Oct 31, 2025Updated 3 months ago
• avast / yaramod

  View on GitHub
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆129Jan 25, 2026Updated 2 weeks ago
• Colton1skees / Dna

  View on GitHub
  LLVM based static binary analysis framework
  ☆300Apr 2, 2025Updated 10 months ago
• hasherezade / malware_training_vol1

  View on GitHub
  Materials for Windows Malware Analysis training (volume 1)
  ☆2,024Jul 1, 2024Updated last year
• SentineLabs / AlphaGolang

  View on GitHub
  IDApython Scripts for Analyzing Golang Binaries
  ☆665Aug 8, 2024Updated last year
• target / halogen

  View on GitHub
  Automatically create YARA rules from malicious documents.
  ☆212May 16, 2022Updated 3 years ago
• eset / ipyida

  View on GitHub
  IPython console integration for IDA Pro
  ☆832Oct 10, 2025Updated 4 months ago
• BehroozAbbassi / sdkffi

  View on GitHub
  A code parser for C-Style header files that lets you to parse function's prototypes and data types used in their parameters.
  ☆94Apr 17, 2022Updated 3 years ago
• ethereal-vx / Antivirus-Artifacts

  View on GitHub
  Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
  ☆753Nov 16, 2021Updated 4 years ago