fkie-cad / RoAMerLinks
Robust Automated Malware Unpacker
☆84Updated 2 years ago
Alternatives and similar repositories for RoAMer
Users that are interested in RoAMer are comparing it to the libraries listed below
Sorting:
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Capa analysis importer for Ghidra.☆61Updated 4 years ago
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- IDA python plugin to scan binary with Yara rules☆175Updated last year
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆93Updated last week
- Generating YARA rules based on binary code☆212Updated 3 years ago
- Yet another rule generator for Yara☆29Updated 2 weeks ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆123Updated 4 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- ☆71Updated last year
- pyGoRE - Python library for analyzing Go binaries☆64Updated 3 years ago
- An IDA Pro extension for easier (malware) reverse engineering☆115Updated 2 years ago
- ☆59Updated 4 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆41Updated 5 years ago
- Port of the binary diffing library, diaphora, for radare2 and mariadb☆51Updated last year
- Analyses in IDA/Hex-Rays☆83Updated 2 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆75Updated 10 years ago
- Malware Configuration Extraction Modules☆50Updated last year
- SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.☆236Updated last week
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆250Updated 2 years ago
- Ghidra plugin for https://analyze.intezer.com☆71Updated 2 years ago
- ☆106Updated last year
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆120Updated 6 years ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆125Updated 3 years ago
- Static unpacker for FinSpy VM☆101Updated 3 years ago
- ☆13Updated 2 years ago
- BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified…☆76Updated 3 years ago
- API Logger for Windows Executables☆78Updated 4 years ago
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 3 years ago
- Symbol hash for ELF files☆111Updated 3 years ago