google / vxsigLinks
Automatically generate AV byte signatures from sets of similar binaries.
☆273Updated 6 months ago
Alternatives and similar repositories for vxsig
Users that are interested in vxsig are comparing it to the libraries listed below
Sorting:
- SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.☆236Updated last week
- Generating YARA rules based on binary code☆212Updated 3 years ago
- Parsing of YARA rules into AST and building new rulesets in C++.☆124Updated last month
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆250Updated 2 years ago
- grap: define and match graph patterns within binaries☆154Updated 3 years ago
- IDA python plugin to scan binary with Yara rules☆175Updated last year
- Robust Automated Malware Unpacker☆84Updated 2 years ago
- pyGoRE - Python library for analyzing Go binaries☆64Updated 3 years ago
- ☆115Updated 8 years ago
- Trigram database written in C++, suited for malware indexing☆125Updated 8 months ago
- Symbol hash for ELF files☆111Updated 3 years ago
- Toolkit for enriching and speeding up static malware analysis☆168Updated 3 years ago
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆93Updated last week
- Tools for instrumenting Windows Defender's mpengine.dll☆300Updated 6 years ago
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆120Updated 6 years ago
- CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is a "mirror" -- p…☆129Updated 2 weeks ago
- Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)☆235Updated 8 months ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- A tool to detect and crash Cuckoo Sandbox☆294Updated 11 months ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆123Updated 4 years ago
- ☆226Updated 2 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆183Updated 4 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- A novel technique to hide code from debuggers & disassemblers☆156Updated 10 months ago
- ☆227Updated 2 years ago
- ☆99Updated last year
- Idapython script to carve binary for internal RPC structures☆234Updated last year
- ☆183Updated 2 years ago
- scripts/plugins for IDA Pro☆173Updated 5 months ago
- Script analysis tool based on Frida.re☆128Updated 8 years ago