mandiant / rvmi-qemu
QEMU with rVMI extensions
☆25Updated 7 years ago
Alternatives and similar repositories for rvmi-qemu:
Users that are interested in rvmi-qemu are comparing it to the libraries listed below
- Linux-KVM with rVMI extensions☆22Updated 7 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 8 years ago
- A tool to generate yara signatures from function blocks☆19Updated 10 years ago
- Volatility Plugins☆21Updated 9 years ago
- simple plugin to detect shellcode on Bro IDS with Unicorn☆33Updated 8 years ago
- Framework to automatically test and explore the capabilities of generic AV engines☆70Updated 6 years ago
- Analysis PE file or Shellcode☆49Updated 8 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- API functions for Malware Research☆35Updated 5 years ago
- Command-line Interface for Binar.ly☆37Updated 8 years ago
- Hansel - a simple but flexible search for IDA☆26Updated 5 years ago
- a collection of yara rules for binary analysis☆24Updated 7 years ago
- A python script that can be used to scan data within in an IDB using Yara.☆22Updated 6 years ago
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …☆16Updated 8 years ago
- ☆51Updated 6 years ago
- ☆32Updated 9 months ago
- Resolves DLL API entrypoints for a process w/ remote query capabilities.☆55Updated 7 years ago
- IDATACO IDA Pro Plugin☆47Updated 8 years ago
- Memory forensics of virtualization environments☆46Updated 10 years ago
- Network detector for Winnti malware☆20Updated 7 years ago
- ☆23Updated 5 years ago
- Malware analyses and helpful scripts☆29Updated 2 years ago
- ☆33Updated 9 years ago
- library to decode/parse zeus-like configuration files☆29Updated 7 years ago
- Mal Tindex is an Open Source tool for indexing binaries and help attributing malware campaigns☆67Updated 7 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆40Updated 6 years ago
- Exposing the Neutrino EK: All the Naughty Bits (BSidesLV16)☆15Updated 8 years ago
- Malware.lu configuration extractor☆24Updated 10 years ago
- Test suite for bypassing Malware sandboxes.☆39Updated 10 years ago
- A dirty IDAPython script to dump windows system call number/name pairs as JSON☆37Updated 8 years ago