ixiacom / ATI

Related projects ⓘ

Alternatives and complementary repositories for ATI

• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆92Updated 2 years ago
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆37Updated 3 years ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆73Updated 10 years ago
• HexHive / malWASH
  ☆112Updated 8 years ago
• reb311ion / CapaExplorer
  Capa analysis importer for Ghidra.
  ☆61Updated 3 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆61Updated 3 years ago
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆259Updated 9 months ago
• mandiant / flare-kscldr
  FLARE Kernel Shellcode Loader
  ☆176Updated 5 years ago
• OALabs / PyIATRebuild
  Automatically rebuild Import Address Table for dumped PE file. With python bindings!
  ☆115Updated 5 years ago
• eleemosynator / writeups
  Write-ups for crackmes and CTF challenges
  ☆49Updated last year
• OALabs / findyara-ida
  IDA python plugin to scan binary with Yara rules
  ☆171Updated 9 months ago
• archcloudlabs / r2elk
  Radare2 Metadata Extraction to Elasticsearch
  ☆21Updated 5 months ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆202Updated 3 years ago
• goretk / pygore
  pyGoRE - Python library for analyzing Go binaries
  ☆64Updated 2 years ago
• redcanaryco / exploit-primitive-playground
  ☆59Updated 4 months ago
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆102Updated 2 years ago
• KasperskyLab / VBscriptInternals
  Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis
  ☆83Updated 2 years ago
• hillu / yara-rules-re
  Tools for inspecting YARA bytecode
  ☆16Updated 4 years ago
• airbus-cert / yara-ttd
  Use YARA rules on Time Travel Debugging traces
  ☆85Updated last year
• c3rb3ru5d3d53c / mwcfg-modules
  Malware Configuration Extraction Modules
  ☆47Updated 11 months ago
• danielplohmann / mcrit
  The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…
  ☆86Updated 4 months ago
• bootkitsbook / rootkits
  ☆103Updated 5 years ago
• MathildeVenault / SysMainView
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆30Updated 4 years ago
• d00rt / emotet_network_protocol
  ☆81Updated 4 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆129Updated last year
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆117Updated 4 years ago