Alternatives and similar repositories for UPX

Users that are interested in UPX are comparing it to the libraries listed below

• NozomiNetworks / upx-recovery-tool
  ☆109Updated 2 years ago
• malwarefrank / dnfile
  Parse .NET executable files.
  ☆76Updated last month
• KasperskyLab / Apihashes
  IDA Pro plugin for recognizing known hashes of API function names
  ☆81Updated 3 years ago
• enkomio / thematrix
  a PE Loader and Windows API tracer. Useful in malware analysis.
  ☆143Updated 3 years ago
• Signal-Labs / IOCTLDump
  ☆147Updated 2 years ago
• mcdulltii / obfDetect
  IDA plugin to pinpoint obfuscated code
  ☆141Updated 3 years ago
• waleedassar / RestrictedKernelLeaks
  ☆163Updated 4 years ago
• leandrofroes / gftrace
  A command line Windows API tracing tool for Golang binaries.
  ☆157Updated last year
• CheckPointSW / Anti-Debug-DB
  Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of v…
  ☆61Updated last year
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆70Updated last year
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆117Updated 2 years ago
• JPCERTCC / upx-mod
  UPX - the Ultimate Packer for eXecutables
  ☆67Updated 3 years ago
• therealdreg / x64dbg-exploiting
  Do you want to use x64dbg instead of immunity debugger? oscp eCPPTv2 buffer overflow exploits pocs
  ☆89Updated last year
• SilentVoid13 / Silent_Packer
  An ELF / PE binary packer written in pure C, made for fun
  ☆98Updated last year
• elastic / HexForge
  This IDA plugin extends the functionality of the assembly and hex view. With this plugin, you can conveniently decode/decrypt/alter data …
  ☆85Updated 4 months ago
• secnotes / elfspirit
  ELF static analysis and injection framework that parse, manipulate, patch and camouflage ELF files.
  ☆131Updated 3 months ago
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆113Updated 2 years ago
• nccgroup / ghostrings
  Ghidra scripts for recovering string definitions in Go binaries
  ☆119Updated 10 months ago
• 86hh / DreamLoader
  Simple 32/64-bit PEs loader.
  ☆137Updated 6 years ago
• MayerDaniel / ida_gpt
  ☆82Updated 2 years ago
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆97Updated last year
• VergiliusProject / vergilius-project
  This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially docum…
  ☆216Updated 8 months ago
• p0dalirius / pyPDBdownload
  A Python script to download PDB files associated with a Portable Executable (PE)
  ☆125Updated 8 months ago
• hidd3ncod3s / WindowsAPIhash
  Windows API Hashes used in the malwares
  ☆42Updated 10 years ago
• OALabs / hexcopy-ida
  IDA plugin for quickly copying disassembly as encoded hex bytes
  ☆63Updated 3 years ago
• riskydissonance / SyscallsExample
  Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.
  ☆75Updated 3 years ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆131Updated 2 years ago
• alexander-hanel / msdocsviewer
  msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.
  ☆154Updated last year
• RITRedteam / goofkit
  In line function hooking LKM rootkit
  ☆52Updated 5 years ago
• c3rb3ru5d3d53c / karton-unpacker
  A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.
  ☆58Updated 4 years ago