icchy / tracecorn
Windows API tracer for malware (oldname: unitracer)
☆117Updated 7 years ago
Alternatives and similar repositories for tracecorn:
Users that are interested in tracecorn are comparing it to the libraries listed below
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆89Updated 5 years ago
- ☆99Updated 8 months ago
- Toolkit for enriching and speeding up static malware analysis☆167Updated 3 years ago
- grap: define and match graph patterns within binaries☆170Updated 4 years ago
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆118Updated 6 years ago
- ☆113Updated 8 years ago
- PEDA-like debugger UI for WinDbg☆202Updated 11 months ago
- grap: define and match graph patterns within binaries☆154Updated 2 years ago
- IDA Pro resources, scripts, and configurations☆111Updated 11 months ago
- ☆51Updated 6 years ago
- IDAtropy is a plugin for Hex-Ray's IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplot…☆137Updated 3 years ago
- ☆100Updated 8 months ago
- scripts/plugins for IDA Pro☆171Updated 2 months ago
- Static unpacker for FinSpy VM☆99Updated 3 years ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆119Updated 9 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆84Updated 2 years ago
- IDA python plugin to scan binary with Yara rules☆173Updated last year
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆108Updated last year
- VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.☆55Updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats")☆93Updated 3 years ago
- ☆91Updated 8 years ago
- Windows Crypto API compatible decryption/encryption for python☆47Updated 2 years ago
- Frida.re based RunPE (and MapViewOfSection) extraction tool☆111Updated 8 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆181Updated 4 years ago
- Creating function call graphs based on radare2 framwork, plot fancy graphs and extract behavior indicators☆86Updated 7 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆73Updated 5 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆132Updated 9 years ago
- ☆177Updated 6 years ago
- SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.☆230Updated 2 weeks ago
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins☆133Updated 6 years ago