google / vxsigLinks
Automatically generate AV byte signatures from sets of similar binaries.
☆279Updated 8 months ago
Alternatives and similar repositories for vxsig
Users that are interested in vxsig are comparing it to the libraries listed below
Sorting:
- Parsing of YARA rules into AST and building new rulesets in C++.☆126Updated last week
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆254Updated 2 years ago
- SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.☆242Updated last month
- Generating YARA rules based on binary code☆215Updated 3 years ago
- IDA python plugin to scan binary with Yara rules☆177Updated last year
- Robust Automated Malware Unpacker☆85Updated 2 years ago
- Symbol hash for ELF files☆112Updated 3 years ago
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆94Updated last month
- Trigram database written in C++, suited for malware indexing☆126Updated 10 months ago
- pyGoRE - Python library for analyzing Go binaries☆64Updated 3 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- grap: define and match graph patterns within binaries☆154Updated 3 years ago
- ☆115Updated 9 years ago
- Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)☆238Updated 10 months ago
- ☆52Updated 6 years ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆125Updated 3 years ago
- An IDA Pro extension for easier (malware) reverse engineering☆115Updated 3 years ago
- Windows API tracer for malware (oldname: unitracer)☆119Updated 7 years ago
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆120Updated 6 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆184Updated 4 years ago
- Official VirusTotal plugin for IDA Pro☆158Updated this week
- capemon: CAPE's monitor☆125Updated this week
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- ☆227Updated 2 years ago
- Tools for inspecting YARA bytecode☆20Updated 5 years ago
- ☆60Updated 4 years ago
- Port of the binary diffing library, diaphora, for radare2 and mariadb☆51Updated 2 years ago
- scripts/plugins for IDA Pro☆176Updated 7 months ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- Yet another rule generator for Yara☆29Updated 2 months ago