Alternatives and similar repositories for mcrit:

Users that are interested in mcrit are comparing it to the libraries listed below

• mbrengel / yarix
  ☆57Updated 3 years ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆68Updated 10 months ago
• fkie-cad / RoAMer
  Robust Automated Malware Unpacker
  ☆84Updated last year
• KasperskyLab / Apihashes
  IDA Pro plugin for recognizing known hashes of API function names
  ☆81Updated 2 years ago
• airbus-cert / yara-ttd
  Use YARA rules on Time Travel Debugging traces
  ☆89Updated last year
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆39Updated 3 years ago
• danielplohmann / docker-mcrit
  Dockerized Setup for the MinHash-based Code Recognition & Investigation Toolkit (MCRIT)
  ☆15Updated last month
• FernandoDoming / r2diaphora
  Port of the binary diffing library, diaphora, for radare2 and mariadb
  ☆50Updated last year
• thewhiteninja / deobshell
  Powershell script deobfuscation using AST in Python
  ☆65Updated last year
• OALabs / findyara-ida
  IDA python plugin to scan binary with Yara rules
  ☆172Updated last year
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated 2 years ago
• g-les / floss2yar
  ☆15Updated 2 years ago
• immortalp0ny / yarg
  Yet another rule generator for Yara
  ☆27Updated 4 years ago
• Dump-GUY / ghidra_scripts
  ☆67Updated last year
• danielplohmann / mcrit-data
  A collection of ready-to-use library code and symbols for the MinHash-based Code Relationship & Investigation Toolkit (MCRIT)
  ☆11Updated 9 months ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• c3rb3ru5d3d53c / karton-unpacker
  A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.
  ☆52Updated 3 years ago
• CybercentreCanada / Maco
  Maco - Malware config extractor framework
  ☆32Updated 2 weeks ago
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆82Updated last year
• c3rb3ru5d3d53c / mwcfg-modules
  Malware Configuration Extraction Modules
  ☆48Updated last year
• CERT-Polska / training-mwdb
  MWDB exercises
  ☆19Updated last month
• jk45054 / CTF-writeups
  Writeups for CTF challenges
  ☆30Updated last year
• pan-unit42 / dotnetfile
  ☆104Updated last year
• reb311ion / CapaExplorer
  Capa analysis importer for Ghidra.
  ☆61Updated 4 years ago
• fr0gger / MalwareMuncher
  Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
  ☆43Updated last year
• goretk / pygore
  pyGoRE - Python library for analyzing Go binaries
  ☆64Updated 3 years ago
• n1ght-w0lf / HawkEye
  Malware dynamic instrumentation tool based on frida framework
  ☆104Updated 4 years ago
• Bw3ll / JOP_ROCKET
  This framework enables user to discover JOP gagdets and can automate building a complete JOP chain to bypass DEP. JOP ROCKET is the ultim…
  ☆100Updated 5 months ago
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆263Updated 2 months ago
• ald3ns / copy-as-yara
  This is a little plugin to copy disassembly in a way that is usable in YARA rules!
  ☆41Updated last year