icchy / tracecorn
Windows API tracer for malware (oldname: unitracer)
☆117Updated 7 years ago
Alternatives and similar repositories for tracecorn:
Users that are interested in tracecorn are comparing it to the libraries listed below
- Toolkit for enriching and speeding up static malware analysis☆167Updated 3 years ago
- ☆100Updated 9 months ago
- IDAtropy is a plugin for Hex-Ray's IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplot…☆138Updated 3 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆89Updated 5 years ago
- ☆99Updated 9 months ago
- grap: define and match graph patterns within binaries☆154Updated 2 years ago
- ☆91Updated 8 years ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆120Updated 9 years ago
- scripts/plugins for IDA Pro☆171Updated 2 months ago
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆118Updated 6 years ago
- PEDA-like debugger UI for WinDbg☆202Updated 11 months ago
- Static unpacker for FinSpy VM☆100Updated 3 years ago
- ☆51Updated 6 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆108Updated last year
- VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.☆55Updated 5 years ago
- grap: define and match graph patterns within binaries☆170Updated 4 years ago
- A Tool to Unpack Self-Modifying Code using DynamoRIO☆141Updated 7 years ago
- ☆89Updated 5 years ago
- Analyses in IDA/Hex-Rays☆80Updated last year
- This IDAPython script tags subroutines according to their use of imported functions☆72Updated 3 years ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆132Updated 9 years ago
- ☆177Updated 6 years ago
- A DBI tool to discover heap memory related bugs☆125Updated 6 years ago
- ☆113Updated 8 years ago
- extending IDA's string navigation capabilities☆169Updated 4 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆120Updated 4 years ago
- A branch-monitor-based solution for process monitoring.☆132Updated 5 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆73Updated 5 years ago
- Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.☆72Updated 2 years ago
- IDA Pro resources, scripts, and configurations☆111Updated last year