icchy / tracecornLinks
Windows API tracer for malware (oldname: unitracer)
☆118Updated 7 years ago
Alternatives and similar repositories for tracecorn
Users that are interested in tracecorn are comparing it to the libraries listed below
Sorting:
- PEDA-like debugger UI for WinDbg☆204Updated last year
- ☆99Updated last year
- ☆100Updated last year
- ☆115Updated 8 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆111Updated last year
- Toolkit for enriching and speeding up static malware analysis☆168Updated 3 years ago
- ☆91Updated 8 years ago
- IDAtropy is a plugin for Hex-Ray's IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplot…☆140Updated 4 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆91Updated 6 years ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆120Updated 9 years ago
- grap: define and match graph patterns within binaries☆154Updated 3 years ago
- ☆180Updated 6 years ago
- Static unpacker for FinSpy VM☆101Updated 3 years ago
- VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.☆55Updated 5 years ago
- grap: define and match graph patterns within binaries☆171Updated 4 years ago
- ☆52Updated 6 years ago
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆120Updated 6 years ago
- scripts/plugins for IDA Pro☆173Updated 5 months ago
- Fuzz and Detect "Use After Free" vulnerability in win32k.sys ( Heap based )☆133Updated 9 years ago
- IDA python plugin to scan binary with Yara rules☆175Updated last year
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Updated 2 years ago
- Python scripts for reverse engineering.☆184Updated 4 years ago
- MrsPicky - An IDAPython decompiler script that helps auditing memcpy() and memmove() calls☆125Updated last year
- A DBI tool to discover heap memory related bugs☆125Updated 6 years ago
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins☆134Updated 6 years ago
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆183Updated 4 years ago
- ☆89Updated 6 years ago
- This IDAPython script tags subroutines according to their use of imported functions☆73Updated 4 years ago
- ☆227Updated 2 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆74Updated 6 years ago