csvl / SEMA
SEMA is based on angr, a symbolic execution engine used to extract API calls. In particular, we extend angr with strategies to create representative signatures based on the System Call Dependency Graph (SCDG). These SCDGs can be used in machine learning modules for classification and detection.
☆115 Updated 6 months ago
Alternatives and similar repositories for SEMA
Users that are interested in SEMA are comparing it to the libraries listed below
- ☆82 Updated last month
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg… ☆94 Updated 3 weeks ago
- ☆109 Updated 2 years ago
- Dynamic-Static binary instrumentation framework on top of GDB ☆49 Updated 2 years ago
- IDA Pro plugin for recognizing known hashes of API function names ☆81 Updated 3 years ago
- FLARE Team's Binary Navigator ☆284 Updated 2 months ago
- How to retro theme your Ghidra ☆35 Updated 11 months ago
- A tool for firmware cartography ☆159 Updated 3 months ago
- ☆132 Updated last week
- Slides, recordings and materials of my public presentations, talks and workshops. ☆79 Updated 3 months ago
- Powershell script deobfuscation using AST in Python ☆71 Updated 2 weeks ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets ☆70 Updated last year
- A headless, extendable, multi-session, IDA Pro MCP framework. ☆62 Updated last week
- Leveraging patch diffing to discover new vulnerabilities ☆134 Updated 11 months ago
- This repository contains an IDA processor for loading and disassembling compiled yara rules. ☆42 Updated 9 months ago
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension. ☆71 Updated last year
- Static Binary Instrumentation tool for Windows x64 executables ☆206 Updated last week
- IDA Pro plugin to aid with the analysis of native IIS modules ☆19 Updated last year
- PASTIS: Collaborative Fuzzing Framework ☆162 Updated last week
- Damn Vulnerable Kernel Module for kernel fuzzing ☆64 Updated 11 months ago
- Tools developed by the Zscaler ThreatLabz Threat Intelligence team ☆85 Updated 2 weeks ago
- ☆56 Updated 2 months ago
- CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is a "mirror" -- p… ☆133 Updated last month
- Hardening code obfuscation against automated attacks ☆143 Updated last year
- Get information about stripped rust executables ☆36 Updated 4 months ago
- A collection of modules and scripts to help with analyzing Nim binaries ☆79 Updated 11 months ago
- Slides about HyperDbg ☆39 Updated 2 months ago
- ☆15 Updated 2 years ago
- Native Python3 bindings for @horsicq's Detect-It-Easy ☆75 Updated 4 months ago
- IDA FLIRT signatures created by HTC ☆20 Updated 11 months ago