Alternatives and similar repositories for xori

Users that are interested in xori are comparing it to the libraries listed below

• secrary / makin

  View on GitHub
  makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
  ☆742Mar 17, 2019Updated 6 years ago
• mxmssh / drAFL

  View on GitHub
  AFL + DynamoRIO = fuzzing binaries with no source code on Linux
  ☆247Oct 1, 2019Updated 6 years ago
• Darkabode / zerokit

  View on GitHub
  Zerokit/GAPZ rootkit (non buildable and only for researching)
  ☆185Mar 30, 2019Updated 6 years ago
• Cisco-Talos / pyrebox

  View on GitHub
  Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
  ☆1,679Feb 14, 2024Updated 2 years ago
• gamozolabs / mesos

  View on GitHub
  Binary coverage tool without binary modification for Windows
  ☆446Aug 12, 2020Updated 5 years ago
• JeremyWildsmith / x86devirt

  View on GitHub
  A project that aims to automatically devirtualize code that has been virtualized using x86virt
  ☆126Dec 3, 2022Updated 3 years ago
• MalwareCantFly / Vba2Graph

  View on GitHub
  Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
  ☆280Dec 13, 2021Updated 4 years ago
• googleprojectzero / bochspwn-reloaded

  View on GitHub
  A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3
  ☆310Feb 24, 2019Updated 6 years ago
• gaasedelen / lighthouse

  View on GitHub
  A Coverage Explorer for Reverse Engineers
  ☆2,491Jul 18, 2024Updated last year
• falconre / falcon

  View on GitHub
  Binary Analysis Framework in Rust
  ☆581Jan 22, 2024Updated 2 years ago
• hasherezade / malware_analysis

  View on GitHub
  Various snippets created during malware analysis
  ☆465Oct 3, 2025Updated 4 months ago
• secrary / idenLib

  View on GitHub
  idenLib - Library Function Identification [This project is not maintained anymore]
  ☆395Mar 17, 2019Updated 6 years ago
• carbonblack / binee

  View on GitHub
  Binee: binary emulation environment
  ☆530Feb 25, 2023Updated 2 years ago
• JusticeRage / Manalyze

  View on GitHub
  A static analyzer for PE executables.
  ☆1,104Jan 30, 2026Updated 2 weeks ago
• api0cradle / LOLBAS

  View on GitHub
  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
  ☆1,612Dec 10, 2018Updated 7 years ago
• thalium / icebox

  View on GitHub
  Virtual Machine Introspection, Tracing & Debugging
  ☆595Feb 22, 2022Updated 3 years ago
• cmu-sei / pharos

  View on GitHub
  Automated static analysis tools for binary programs
  ☆1,669Dec 18, 2025Updated last month
• konatabrk / shellen

  View on GitHub
  Interactive shellcoding environment to easily craft shellcodes
  ☆907Feb 26, 2021Updated 4 years ago
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆349Mar 19, 2021Updated 4 years ago
• googleprojectzero / sandbox-attacksurface-analysis-tools

  View on GitHub
  Set of tools to analyze Windows sandboxes for exposed attack surface.
  ☆2,262Nov 6, 2025Updated 3 months ago
• mandiant / FIDL

  View on GitHub
  A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
  ☆468Apr 10, 2023Updated 2 years ago
• fgsect / unicorefuzz

  View on GitHub
  Fuzzing the Kernel Using Unicornafl and AFL++
  ☆305Jan 2, 2023Updated 3 years ago
• airbus-seclab / bincat

  View on GitHub
  Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free…
  ☆1,844Feb 25, 2025Updated 11 months ago
• Cisco-Talos / Ghidraaas

  View on GitHub
  ☆226May 1, 2023Updated 2 years ago
• googleprojectzero / functionsimsearch

  View on GitHub
  Some C++ example code to demonstrate how to perform code similarity searches using SimHashing.
  ☆559Jun 24, 2020Updated 5 years ago
• McGill-DMaS / Kam1n0-Community

  View on GitHub
  The Kam1n0 Assembly Analysis Platform
  ☆625Mar 2, 2023Updated 2 years ago
• decaf-project / DECAF

  View on GitHub
  DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the D…
  ☆835Nov 19, 2024Updated last year
• PAGalaxyLab / uniFuzzer

  View on GitHub
  A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer
  ☆344Aug 23, 2019Updated 6 years ago
• viper-framework / viper

  View on GitHub
  Binary analysis and management framework
  ☆1,557Jun 7, 2023Updated 2 years ago
• invictus1306 / functrace

  View on GitHub
  A function tracer
  ☆92Jun 4, 2019Updated 6 years ago
• DGA-MI-SSI / YaCo

  View on GitHub
  YaCo is an Hex-Rays IDA plugin. When enabled, multiple users can work simultaneously on the same binary. Any modification done by any use…
  ☆324Aug 5, 2019Updated 6 years ago
• danielplohmann / smda

  View on GitHub
  SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
  ☆252Jan 16, 2026Updated 3 weeks ago
• hasherezade / dll_to_exe

  View on GitHub
  Converts a DLL into EXE
  ☆820Jul 23, 2023Updated 2 years ago
• MojtabaTajik / Robber

  View on GitHub
  Robber is open source tool for finding executables prone to DLL hijacking
  ☆785Jun 23, 2022Updated 3 years ago
• KasperskyLab / klara

  View on GitHub
  Kaspersky's GReAT KLara
  ☆730Jul 24, 2024Updated last year
• fboldewin / COM-Code-Helper

  View on GitHub
  Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code
  ☆184Oct 5, 2020Updated 5 years ago
• panda-re / panda

  View on GitHub
  Platform for Architecture-Neutral Dynamic Analysis
  ☆2,718Feb 4, 2026Updated last week
• hasherezade / pe-sieve

  View on GitHub
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,553Oct 31, 2025Updated 3 months ago
• mandiant / flare-floss

  View on GitHub
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,877Feb 3, 2026Updated last week