kevoreilly / capemonLinks
capemon: CAPE's monitor
☆123Updated 2 weeks ago
Alternatives and similar repositories for capemon
Users that are interested in capemon are comparing it to the libraries listed below
Sorting:
- ☆106Updated last year
- Use YARA rules on Time Travel Debugging traces☆91Updated last year
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆73Updated last year
- Native Python3 bindings for @horsicq's Detect-It-Easy☆70Updated last month
- Small tool to convert beteween the PE alignments (raw and virtual).☆90Updated 2 years ago
- Community modules for CAPE Sandbox☆100Updated last week
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆116Updated 2 years ago
- Parse .NET executable files.☆76Updated last month
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 3 years ago
- MalUnpack companion driver☆98Updated last year
- Automatic YARA rule generation for Malpedia☆161Updated 2 years ago
- Set of antianalysis techniques found in malware☆132Updated last year
- Sysmon-Like research tool for ETW☆354Updated 2 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆143Updated 6 years ago
- IDA python plugin to scan binary with Yara rules☆175Updated last year
- Library and tools to access the Windows Prefetch File (SCCA) format.☆75Updated 5 months ago
- Robust Automated Malware Unpacker☆84Updated 2 years ago
- A golang CLI tool to download malware from a variety of sources.☆146Updated this week
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆125Updated 3 years ago
- Simple windows API logger☆104Updated 5 years ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…☆206Updated 2 years ago
- Generating YARA rules based on binary code☆212Updated 3 years ago
- Collection of rules created using YARA-Signator over Malpedia☆131Updated 7 months ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Automatically generate AV byte signatures from sets of similar binaries.☆273Updated 6 months ago
- Powershell script deobfuscation using AST in Python☆68Updated last year
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆299Updated last year
- A simple C# executable that invokes an arbitrary method of an arbitrary C# DLL☆135Updated last year
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆65Updated 3 years ago
- Alternative YARA scanning engine☆70Updated 2 years ago