csvl / SEMA
SEMA is based on angr, a symbolic execution engine used to extract API calls. In particular, we extend angr with strategies to create representative signatures based on System Call Dependency Graphs (SCDGs). These SCDGs can be used in machine learning modules for classification and detection.
☆115Updated 4 months ago
Alternatives and similar repositories for SEMA
Users that are interested in SEMA are comparing it to the libraries listed below
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆93Updated last week
- ☆71Updated 2 years ago
- ☆105Updated 2 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆72Updated last year
- Dynamic-Static binary instrumentation framework on top of GDB☆51Updated last year
- Native Python3 bindings for @horsicq's Detect-It-Easy☆72Updated 2 months ago
- ☆15Updated last year
- Writeups for CTF challenges☆31Updated last year
- This repository contains an IDA processor for loading and disassembling compiled yara rules.☆42Updated 7 months ago
- A tool for firmware cartography☆157Updated last month
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 3 years ago
- Slides, recordings and materials of my public presentations, talks and workshops.☆78Updated last month
- The malsource dataset☆11Updated 3 years ago
- Robust Automated Malware Unpacker☆85Updated 2 years ago
- ☆31Updated 3 years ago
- How to retro theme your Ghidra☆35Updated 9 months ago
- Diaphora Machine Learning tools and datasets☆22Updated 10 months ago
- ☆33Updated 2 years ago
- Slides about HyperDbg☆39Updated 3 weeks ago
- Static Binary Instrumentation tool for Windows x64 executables☆207Updated 3 months ago
- IDA Flirt signatures created by HTC☆20Updated 9 months ago
- ☆50Updated 2 weeks ago
- CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is a "mirror" -- p…☆130Updated 3 weeks ago
- Powershell script deobfuscation using AST in Python☆68Updated last year
- Tools developed by the Zscaler ThreatLabz Threat Intelligence team☆83Updated 2 weeks ago
- ☆25Updated 9 months ago
- Leveraging patch diffing to discover new vulnerabilities☆127Updated 9 months ago
- ☆28Updated 6 months ago
- Dataset of packed PE samples☆36Updated last year
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆116Updated 2 years ago