deptofdefense / SalSALinks
Salvaging Static Analysis
☆86Updated 6 years ago
Alternatives and similar repositories for SalSA
Users that are interested in SalSA are comparing it to the libraries listed below
Sorting:
- Transfer EIP control to shellcode during malware analysis investigation☆77Updated 10 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆92Updated 6 years ago
- POC viruses I have created to demo some ideas☆59Updated 5 years ago
- ☆115Updated 9 years ago
- Flare-On solutions☆36Updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Micro…☆151Updated 5 years ago
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆120Updated 6 years ago
- Another Repo of Malware. Enjoy. <3☆59Updated 6 years ago
- Driver Initial Reconnaissance Tool☆123Updated 5 years ago
- Just a normal flask web app to understand win32api with code snippets and references.☆74Updated 5 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆85Updated 3 years ago
- Reflective Polymorphism☆106Updated 7 years ago
- ☆52Updated 6 years ago
- ☆66Updated 6 years ago
- Tool to view and create Microsoft shim database files (SDB).☆115Updated 8 years ago
- x86 emulation and shellcode detection☆152Updated last year
- Fork of mona.py with x64dbg support☆105Updated 3 years ago
- Various Yara signatures (possibly to be included in a release later).☆87Updated 6 years ago
- ☆71Updated last year
- Set of my small utils related to cryptography, encoding, decoding etc☆88Updated last year
- Ghidra scripts such as a RC4 decrypter, Yara search, stack string decoder, etc.☆158Updated 5 years ago
- A novel technique to hide code from debuggers & disassemblers☆156Updated last year
- Tool to make in memory man in the middle☆125Updated 6 years ago
- Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia…☆90Updated last year
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆123Updated 4 years ago
- Ghidra plugin for https://analyze.intezer.com☆71Updated 2 years ago
- kernel exploitation helper class☆77Updated 8 years ago
- A Python tool to generate ROP chains☆64Updated 7 months ago
- Capa analysis importer for Ghidra.☆62Updated 4 years ago