csvl / SEMALinks
SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SCDG). Those SCDGs can be exploited in machine learning modules to do classification/detection.
☆115Updated 3 months ago
Alternatives and similar repositories for SEMA
Users that are interested in SEMA are comparing it to the libraries listed below
Sorting:
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆93Updated last week
- ☆14Updated 3 years ago
- Code for the paper "EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis"☆29Updated last year
- This repository contains dynamic and static tools for IoT malware analysis☆21Updated 2 years ago
- ☆43Updated last month
- ☆70Updated 2 years ago
- Practical Data-Only Attack Generation☆40Updated last year
- ☆36Updated last year
- Powershell script deobfuscation using AST in Python☆68Updated last year
- ☆102Updated 2 years ago
- Dynamic-Static binary instrumentation framework on top of GDB☆51Updated last year
- Dataset of packed PE samples☆35Updated 11 months ago
- Hardening code obfuscation against automated attacks☆133Updated last year
- Blogpost about optimizing binary-only fuzzing with AFL++�☆64Updated last year
- Writeups for CTF challenges☆31Updated last year
- A Unit-Based Symbolic Execution Method for Detecting Heap Overflow Vulnerability in Executable Codes☆22Updated 2 years ago
- PASTIS: Collaborative Fuzzing Framework☆162Updated last month
- A library for writing plugins in any decompiler: includes API lifting, common data formatting, and GUI abstraction!☆107Updated 3 weeks ago
- This project fully automates the process of analyzing and exploiting IoT malware to find live CnC servers.☆42Updated 11 months ago
- ☆28Updated 4 months ago
- Automated Yara Rule generation using Biclustering☆67Updated 4 years ago
- AutoCorpus is a tool backed by a large language model (LLM) for automatically generating corpus files for fuzzing.☆71Updated last year
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆73Updated last year
- Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"☆17Updated 4 months ago
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 3 years ago
- ☆25Updated 2 years ago
- Forecasting Malware Capabilities From Cyber Attack Memory Images☆32Updated 2 years ago
- Robust Automated Malware Unpacker☆84Updated 2 years ago
- A tool for firmware cartography☆154Updated 2 weeks ago
- ☆12Updated 9 months ago