danielplohmann / mcrit

Related projects ⓘ

Alternatives and complementary repositories for mcrit

• mbrengel / yarix
  ☆57Updated 3 years ago
• KasperskyLab / Apihashes
  IDA Pro plugin for recognizing known hashes of API function names
  ☆81Updated 2 years ago
• fkie-cad / RoAMer
  Robust Automated Malware Unpacker
  ☆84Updated last year
• danielplohmann / mcrit-data
  A collection of ready-to-use library code and symbols for the MinHash-based Code Relationship & Investigation Toolkit (MCRIT)
  ☆11Updated 5 months ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆62Updated 6 months ago
• g-les / floss2yar
  ☆15Updated 2 years ago
• FernandoDoming / r2diaphora
  Port of the binary diffing library, diaphora, for radare2 and mariadb
  ☆47Updated last year
• OALabs / findyara-ida
  IDA python plugin to scan binary with Yara rules
  ☆171Updated 9 months ago
• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆37Updated 3 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• airbus-cert / yara-ttd
  Use YARA rules on Time Travel Debugging traces
  ☆85Updated last year
• danielplohmann / docker-mcrit
  Dockerized Setup for the MinHash-based Code Recognition & Investigation Toolkit (MCRIT)
  ☆15Updated 5 months ago
• c3rb3ru5d3d53c / mwcfg-modules
  Malware Configuration Extraction Modules
  ☆47Updated 11 months ago
• 0x534a / dynmx
  Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
  ☆82Updated last year
• pan-unit42 / dotnetfile
  ☆99Updated 11 months ago
• reb311ion / CapaExplorer
  Capa analysis importer for Ghidra.
  ☆61Updated 3 years ago
• hillu / yara-rules-re
  Tools for inspecting YARA bytecode
  ☆16Updated 4 years ago
• thewhiteninja / deobshell
  Powershell script deobfuscation using AST in Python
  ☆61Updated 10 months ago
• Bw3ll / JOP_ROCKET
  This framework enables user to discover JOP gagdets and can automate building a complete JOP chain to bypass DEP. JOP ROCKET is the ultim…
  ☆100Updated 2 months ago
• CERT-Polska / training-mwdb
  MWDB exercises
  ☆19Updated 5 months ago
• immortalp0ny / yarg
  Yet another rule generator for Yara
  ☆25Updated 4 years ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• eleemosynator / writeups
  Write-ups for crackmes and CTF challenges
  ☆49Updated last year
• n1ght-w0lf / HawkEye
  Malware dynamic instrumentation tool based on frida framework
  ☆101Updated 4 years ago
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆24Updated 2 years ago
• xorhex / mlget
  A golang CLI tool to download malware from a variety of sources.
  ☆141Updated 9 months ago
• danielplohmann / idascope
  An IDA Pro extension for easier (malware) reverse engineering
  ☆110Updated 2 years ago
• goretk / pygore
  pyGoRE - Python library for analyzing Go binaries
  ☆64Updated 2 years ago
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆102Updated 2 years ago