danielplohmann / mcritLinks
The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash algorithm in the context of code similarity.
☆94Updated 3 weeks ago
Alternatives and similar repositories for mcrit
Users that are interested in mcrit are comparing it to the libraries listed below
Sorting:
- ☆60Updated 4 years ago
- Symbol hash for ELF files☆112Updated 3 years ago
- Robust Automated Malware Unpacker☆85Updated 2 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆72Updated last year
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 3 years ago
- Port of the binary diffing library, diaphora, for radare2 and mariadb☆51Updated 2 years ago
- Use YARA rules on Time Travel Debugging traces☆92Updated 2 years ago
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- Tools for inspecting YARA bytecode☆20Updated 5 years ago
- Yet another rule generator for Yara☆29Updated 2 months ago
- Set of tools to analyze Tinynuke samples☆15Updated 3 years ago
- ☆71Updated last year
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- Capa analysis importer for Ghidra.☆62Updated 4 years ago
- Powershell script deobfuscation using AST in Python☆69Updated last year
- IDA python plugin to scan binary with Yara rules☆177Updated last year
- Automatically generate AV byte signatures from sets of similar binaries.☆278Updated 8 months ago
- Malware Configuration Extraction Modules☆51Updated last year
- ☆106Updated last year
- A collection of ready-to-use library code and symbols for the MinHash-based Code Relationship & Investigation Toolkit (MCRIT)☆11Updated 2 months ago
- An IDA Pro extension for easier (malware) reverse engineering☆115Updated 3 years ago
- MWDB exercises☆20Updated 7 months ago
- LERN GHIDRA☆92Updated last week
- Malware dynamic instrumentation tool based on frida framework☆108Updated 5 years ago
- Parsing of YARA rules into AST and building new rulesets in C++.☆126Updated this week
- ☆52Updated 6 years ago
- SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create repr…☆115Updated 5 months ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 3 years ago
- ☆106Updated 2 years ago
- A golang CLI tool to download malware from a variety of sources.☆149Updated last month