mandiant / gostringungarblerLinks
Python tool to resolve all strings in Go binaries obfuscated by garble
☆134Updated 8 months ago
Alternatives and similar repositories for gostringungarbler
Users that are interested in gostringungarbler are comparing it to the libraries listed below
Sorting:
- A command line Windows API tracing tool for Golang binaries.☆157Updated last year
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆75Updated 3 months ago
- Binary Ninja plugin to deobfuscate strings obfuscated with the Garble project☆39Updated 8 months ago
- Retrieve inner payloads from Donut samples☆111Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆120Updated last year
- ☆114Updated last week
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆234Updated last month
- A dynamic unpacking tool☆143Updated 2 years ago
- A collection of modules and scripts to help with analyzing Nim binaries☆81Updated last year
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆199Updated 2 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆151Updated 2 months ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆167Updated last year
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.☆130Updated 7 months ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆159Updated last month
- Vulnerable driver research tool, result and exploit PoCs☆221Updated 2 years ago
- Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator☆68Updated 8 months ago
- Anti-analysis tool that obfuscates ELF files☆35Updated 4 years ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆257Updated last year
- ☆90Updated 9 months ago
- Generate a proxy dll for arbitrary dll☆211Updated last year
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆408Updated last week
- Rule Engine for Dynamic Malware Analysis and Research☆25Updated 7 months ago
- Exploit targeting NT kernel in 24H2 Windows Insider Preview☆146Updated last year
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆194Updated 2 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆132Updated this week
- ☆155Updated 3 months ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆314Updated last year
- Shellcode IDE — makes developing and analyzing shellcode much more convenient.☆102Updated 3 weeks ago
- Ebyte-Go-Morpher is a Go program that parses, analyzes, and rewrites Go source code to apply multiple layers of obfuscation. It operates …☆118Updated 4 months ago
- Recon 2023 slides and code☆80Updated 2 years ago