danielplohmann / smdaLinks
SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
☆253Updated last week
Alternatives and similar repositories for smda
Users that are interested in smda are comparing it to the libraries listed below
Sorting:
- grap: define and match graph patterns within binaries☆156Updated 3 years ago
- Automatically generate AV byte signatures from sets of similar binaries.☆285Updated last year
- Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)☆242Updated last year
- ☆230Updated 3 years ago
- IDA Pro plugin to assist with complex graphs☆321Updated 2 years ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆128Updated 4 years ago
- A plugin based on IDAPython for a functional DWIM interface. Current development against most recent IDA is in the "persistence-refactor"…☆329Updated 3 months ago
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆261Updated 2 years ago
- idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro☆387Updated 2 years ago
- A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research☆466Updated 2 years ago
- Bindings for Microsoft WinDBG TTD☆233Updated 2 years ago
- Toolkit for enriching and speeding up static malware analysis☆168Updated 3 years ago
- IFL - Interactive Functions List (plugin for IDA Pro)☆485Updated last month
- ☆181Updated 7 years ago
- LibVMI-based debug server, implemented in Python. Building a guest aware, stealth and agentless full-system debugger☆220Updated 5 years ago
- IDA Signsrch☆159Updated 10 years ago
- Robust Automated Malware Unpacker☆86Updated 2 years ago
- The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by W…☆402Updated 2 years ago
- Devirtualize Virtual Calls☆115Updated 3 years ago
- An IDA Pro extension for easier (malware) reverse engineering☆116Updated 3 years ago
- IDA python plugin to scan binary with Yara rules☆180Updated last year
- Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.☆72Updated 3 years ago
- Python bindings to Ghidra's SLEIGH library for disassembly and lifting to P-Code IR☆205Updated last week
- Windows API tracer for malware (oldname: unitracer)☆120Updated 8 years ago
- ☆226Updated 2 years ago
- A comprehensive binary emulation and instrumentation platform.☆417Updated 2 years ago
- Control-flow-flattening and string deobfuscator☆157Updated 4 years ago
- Code and exercises for a workshop on z3 and angr☆233Updated 5 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆184Updated 5 years ago
- Ghidra Program Analysis Library☆347Updated 2 years ago