ixiacom / ATI

Related projects ⓘ

Alternatives and complementary repositories for ATI

• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆92Updated 2 years ago
• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• buffer / libemu
  x86 emulation and shellcode detection
  ☆148Updated 7 months ago
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆37Updated 3 years ago
• HexHive / malWASH
  ☆112Updated 8 years ago
• OALabs / PyIATRebuild
  Automatically rebuild Import Address Table for dumped PE file. With python bindings!
  ☆115Updated 5 years ago
• hillu / yara-rules-re
  Tools for inspecting YARA bytecode
  ☆16Updated 4 years ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆73Updated 10 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• angelkillah / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆87Updated 8 years ago
• pan-unit42 / dotnetfile
  ☆100Updated last year
• fkie-cad / RoAMer
  Robust Automated Malware Unpacker
  ☆84Updated last year
• poona / APIMiner
  API Logger for Windows Executables
  ☆77Updated 4 years ago
• c3rb3ru5d3d53c / mwcfg-modules
  Malware Configuration Extraction Modules
  ☆47Updated 11 months ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• CERT-Polska / ursadb
  Trigram database written in C++, suited for malware indexing
  ☆123Updated last month
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆176Updated 5 years ago
• d00rt / emotet_network_protocol
  ☆81Updated 4 years ago
• bootkitsbook / bootkits
  ☆61Updated 5 years ago
• immortalp0ny / yarg
  Yet another rule generator for Yara
  ☆25Updated 4 years ago
• danielplohmann / mcrit
  The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…
  ☆86Updated 5 months ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆62Updated 3 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆71Updated this week
• mbrengel / yarix
  ☆57Updated 3 years ago
• goretk / pygore
  pyGoRE - Python library for analyzing Go binaries
  ☆64Updated 2 years ago
• x64dbg / yarasigs
  Various Yara signatures (possibly to be included in a release later).
  ☆85Updated 5 years ago
• redcanaryco / exploit-primitive-playground
  ☆59Updated 4 months ago
• nccgroup / DIBF
  Windows NT ioctl bruteforcer and modular fuzzer
  ☆120Updated 5 years ago
• n1ght-w0lf / Uchihash
  A small utility to deal with malware embedded hashes.
  ☆48Updated last year
• OALabs / findyara-ida
  IDA python plugin to scan binary with Yara rules
  ☆171Updated 9 months ago