kevoreilly / capemonLinks
capemon: CAPE's monitor
☆125Updated this week
Alternatives and similar repositories for capemon
Users that are interested in capemon are comparing it to the libraries listed below
Sorting:
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆72Updated last year
- Small tool to convert beteween the PE alignments (raw and virtual).☆94Updated 2 years ago
- Native Python3 bindings for @horsicq's Detect-It-Easy☆73Updated 3 months ago
- Use YARA rules on Time Travel Debugging traces☆92Updated 2 years ago
- Simple windows API logger☆108Updated 5 years ago
- A DTrace on Windows Reimplementation☆352Updated 6 months ago
- ☆106Updated last year
- Parse .NET executable files.☆77Updated this week
- HashDB API hash lookup plugin for IDA Pro☆330Updated 2 months ago
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 3 years ago
- Community modules for CAPE Sandbox☆101Updated last week
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆116Updated 2 years ago
- Automatically generate AV byte signatures from sets of similar binaries.☆279Updated 8 months ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆125Updated 3 years ago
- ☆106Updated 2 years ago
- Document ETW providers☆246Updated 5 years ago
- Set of antianalysis techniques found in malware☆131Updated 2 years ago
- IDA python plugin to scan binary with Yara rules☆177Updated last year
- Robust Automated Malware Unpacker☆85Updated 2 years ago
- A golang CLI tool to download malware from a variety of sources.☆149Updated last month
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…☆214Updated 3 years ago
- Parsing of YARA rules into AST and building new rulesets in C++.☆126Updated this week
- Powershell script deobfuscation using AST in Python☆69Updated last year
- MalUnpack companion driver☆98Updated last year
- ☆300Updated 4 years ago
- Python implementation of the Packed Executable iDentifier (PEiD)☆138Updated last year
- Extract AutoIt scripts embedded in PE binaries☆193Updated last year
- MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…☆229Updated 5 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated 2 years ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆166Updated 3 weeks ago