Alternatives and similar repositories for maldoca

Users that are interested in maldoca are comparing it to the libraries listed below

• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆129Updated 2 weeks ago
• mandiant / capa-testfiles
  Data to test capa's code and rules.
  ☆47Updated last week
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆285Updated last year
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆71Updated last year
• MathildeVenault / SysMainView
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆32Updated 5 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆83Updated last month
• zodiacon / syllabi
  ☆65Updated 2 years ago
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆145Updated last week
• airbus-cert / yara-ttd
  Use YARA rules on Time Travel Debugging traces
  ☆96Updated 2 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆133Updated 2 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated 3 years ago
• malwarefrank / dnfile
  Parse .NET executable files.
  ☆83Updated last week
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆145Updated 5 years ago
• fr0gger / unprotect
  Unprotect is a python tool for parsing PE malware and extract evasion techniques.
  ☆120Updated 2 years ago
• poona / APIMiner
  API Logger for Windows Executables
  ☆80Updated 5 years ago
• hfiref0x / MpEnum
  Enumerate Windows Defender threat families and dump their names according category
  ☆93Updated 6 years ago
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆124Updated 5 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆36Updated 4 months ago
• nsacyber / Driver-Collider
  Blocks drivers from loading by using a name collision technique. #nsacyber
  ☆49Updated 8 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆98Updated 4 years ago
• avast / yarang
  Alternative YARA scanning engine
  ☆73Updated 3 years ago
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆113Updated 4 years ago
• kobykahane / NpEtw
  Named pipe I/O ETW provider for Windows
  ☆71Updated 5 years ago
• palantir / exploitguard
  Documentation and supporting script sample for Windows Exploit Guard
  ☆169Updated 5 months ago
• ITAYC0HEN / SUNBURST-Cracked
  The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
  ☆56Updated 5 years ago
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆179Updated 6 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆220Updated 3 years ago
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆119Updated 2 years ago
• xorhex / mlget
  A golang CLI tool to download malware from a variety of sources.
  ☆151Updated 7 months ago
• intezer / analyze-community-ghidra-plugin
  Ghidra plugin for https://analyze.intezer.com
  ☆72Updated 3 years ago