Vibe Malware Triage - MCP server for static PE analysis.
☆76Dec 1, 2025Updated 3 months ago
Alternatives and similar repositories for TriageMCP
Users that are interested in TriageMCP are comparing it to the libraries listed below
Sorting:
- RISC-V Disassembler☆18Aug 25, 2020Updated 5 years ago
- Python3 utility for creating zip files that smuggle additional data for later extraction☆265May 15, 2025Updated 9 months ago
- Develop macOS apps on Windows with seamless cross-platform tools.☆16Jun 5, 2025Updated 9 months ago
- Self-hosting binary instrumentation framework for security research☆12Apr 10, 2023Updated 2 years ago
- Rule Engine for Dynamic Malware Analysis and Research☆25Apr 16, 2025Updated 10 months ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆93Jul 7, 2025Updated 8 months ago
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆17Feb 3, 2025Updated last year
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 11 months ago
- Utilizng an MCP Server to communicate with your C2☆86May 15, 2025Updated 9 months ago
- Evasion by machine code de-optimization.☆417Jul 22, 2024Updated last year
- Quickly find differences and similarities in disassembled code☆40Nov 21, 2024Updated last year
- Dynamic Taint Analysis versus Obfuscated Self-Checking☆16Sep 5, 2021Updated 4 years ago
- A lexer and parser for Sleep☆20Feb 20, 2026Updated 2 weeks ago
- ☆32Jun 1, 2024Updated last year
- obfuscation that aims to not stand out☆24Mar 27, 2022Updated 3 years ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆60Dec 11, 2024Updated last year
- x86-64 virtualizing obfuscator written in Rust☆78Nov 16, 2023Updated 2 years ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆144Updated this week
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 6 months ago
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to anal…☆338Jun 2, 2025Updated 9 months ago
- PDB Rewriting Rust Library☆27Apr 26, 2024Updated last year
- IFL - Interactive Functions List (plugin for Binary Ninja)☆25Jul 9, 2024Updated last year
- An optimizing decompiler (modified to use remill semantics)☆30Jan 4, 2019Updated 7 years ago
- scripting IDA like a Pro☆24Oct 27, 2020Updated 5 years ago
- ☆126Sep 1, 2024Updated last year
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- ☆24Feb 18, 2025Updated last year
- A native Windows x86/x64 library to retrieve a command line from a process ID☆21Oct 31, 2020Updated 5 years ago
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆56Jul 13, 2025Updated 7 months ago
- Short Python script for parsing Defender VDM signature files.☆10Sep 22, 2024Updated last year
- ☆10Jul 1, 2023Updated 2 years ago
- Indirect syscalls + DInvoke made simple.☆95Dec 24, 2024Updated last year
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆435Dec 21, 2023Updated 2 years ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆140Aug 31, 2025Updated 6 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- Windows Minidump loader for Ghidra☆29Sep 30, 2022Updated 3 years ago
- Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process☆76May 19, 2024Updated last year
- kernel-mode DLL Injector☆127Apr 24, 2025Updated 10 months ago