☆76 | Nov 30, 2023 | Updated 2 years ago
Alternatives and similar repositories for IDAPython-Malware-Scripts
Users that are interested in IDAPython-Malware-Scripts are comparing it to the libraries listed below
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added). ☆29 | Jun 14, 2022 | Updated 3 years ago
- UnpacMe IDA Byte Search ☆29 | Nov 20, 2023 | Updated 2 years ago
- VCL-based UI components for system tools that use NtUtilsLibrary ☆21 | Nov 20, 2025 | Updated 3 months ago
- A ready-made template for a project based on libpeconv. ☆51 | Oct 31, 2025 | Updated 3 months ago
- Parsers for custom malware formats ("Funky malware formats") ☆98 | Jan 8, 2022 | Updated 4 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆46 | Feb 24, 2023 | Updated 3 years ago
- MalUnpack companion driver ☆99 | Jun 17, 2024 | Updated last year
- What makes it page ☆17 | Aug 24, 2022 | Updated 3 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config ☆15 | Jun 5, 2023 | Updated 2 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations) ☆28 | Feb 15, 2022 | Updated 4 years ago
- Capa analysis importer for Ghidra. ☆64 | Dec 2, 2020 | Updated 5 years ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff ☆57 | Sep 15, 2025 | Updated 5 months ago
- IDA plugin to deobfuscate emotet CFF ☆18 | Apr 26, 2022 | Updated 3 years ago
- Some of my publicly available Malware analysis and Reverse engineering. ☆932 | Jun 3, 2024 | Updated last year
- ☆23 | May 23, 2024 | Updated last year
- x64dbg scripts for finding OEP of packers ☆15 | Oct 22, 2018 | Updated 7 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen… ☆855 | Feb 2, 2024 | Updated 2 years ago
- This IDA Python plugin is intended to get you started creating IDA Plugins with Python, recognize the importance of deobfuscating strings… ☆30 | Dec 16, 2020 | Updated 5 years ago
- ☆27 | Jul 11, 2022 | Updated 3 years ago
- Python3 script which decrypts files encrypted by flawed Cl0p ELF variant. ☆17 | Feb 6, 2023 | Updated 3 years ago
- Tools developed by the Zscaler ThreatLabz Threat Intelligence team ☆96 | Feb 9, 2026 | Updated 2 weeks ago
- Assortment of hashing algorithms used in malware ☆391 | Feb 8, 2026 | Updated 2 weeks ago
- Parser for a custom executable formats from Hidden Bee and Rhadamanthys malware ☆58 | Aug 6, 2025 | Updated 6 months ago
- ☆23 | Feb 3, 2021 | Updated 5 years ago
- Yet another variant of Process Hollowing ☆458 | Jul 31, 2025 | Updated 7 months ago
- ☆26 | Apr 10, 2023 | Updated 2 years ago
- ☆18 | Mar 1, 2021 | Updated 4 years ago
- Code snips and notes ☆140 | Mar 10, 2022 | Updated 3 years ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays). ☆163 | Aug 23, 2024 | Updated last year
- Dynamic unpacker based on PE-sieve ☆796 | Sep 13, 2025 | Updated 5 months ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging ☆580 | Mar 8, 2024 | Updated last year
- A collection of anti disassembly techniques ☆20 | Jul 22, 2017 | Updated 8 years ago
- Just another casual shellcode native loader ☆25 | Feb 3, 2022 | Updated 4 years ago
- Windows CVE active defense (HIPS/HIDS) ☆57 | Apr 29, 2021 | Updated 4 years ago
- Creating a ransomware in a minute ☆30 | Apr 25, 2023 | Updated 2 years ago
- Bash & Python scripts for daily life ☆16 | Nov 27, 2018 | Updated 7 years ago
- A dnSpyEx extension for DotNet Universal Patcher. ☆12 | Nov 24, 2023 | Updated 2 years ago
- A small tool to unmap PE memory dumps. ☆11 | Nov 9, 2023 | Updated 2 years ago
- IFL - Interactive Functions List (plugin for IDA Pro) ☆486 | Feb 17, 2026 | Updated last week