mandiant / rvmi-qemuView external linksLinks
QEMU with rVMI extensions
☆25Jul 25, 2017Updated 8 years ago
Alternatives and similar repositories for rvmi-qemu
Users that are interested in rvmi-qemu are comparing it to the libraries listed below
Sorting:
- Linux-KVM with rVMI extensions☆22Aug 28, 2017Updated 8 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions☆33Mar 25, 2021Updated 4 years ago
- rVMI - A New Paradigm For Full System Analysis☆359Oct 4, 2017Updated 8 years ago
- XED based Disassembly Engine☆21Apr 23, 2018Updated 7 years ago
- pure Python binary analysis framework☆23Oct 26, 2018Updated 7 years ago
- Some tools☆10Dec 5, 2017Updated 8 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- 关闭恶意驱动的文件和注册表保护☆14Jun 28, 2022Updated 3 years ago
- My metasploit modules☆11Jul 7, 2015Updated 10 years ago
- Collection of Nmap scripts☆10Nov 27, 2015Updated 10 years ago
- ☆82Jul 5, 2016Updated 9 years ago
- Hunting Malicious Macros SANS Threathunting Summit 2021 Materials☆39Oct 9, 2021Updated 4 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆73Apr 14, 2017Updated 8 years ago
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.☆13Sep 9, 2020Updated 5 years ago
- Repository to store the Threat Reports made by the McAfee Enterprise ATR Team☆10Oct 11, 2018Updated 7 years ago
- Virustotal Data to Timesketch☆16Feb 28, 2019Updated 6 years ago
- Open-source decompilation of Disstrack☆12Oct 18, 2016Updated 9 years ago
- FLARE Kernel Shellcode Loader☆179May 3, 2019Updated 6 years ago
- What Would Capstone Decode - IDA plugin that implements a Capstone powered IDA view☆57Nov 29, 2016Updated 9 years ago
- ☆18Jan 25, 2017Updated 9 years ago
- ☆16Sep 7, 2017Updated 8 years ago
- grap: define and match graph patterns within binaries☆174Mar 3, 2021Updated 4 years ago
- Encase Script to parse harddrive for MFT data☆16Jun 17, 2016Updated 9 years ago
- Resource links (video, slides & code) for my conference talks | presentations | workshops☆21Nov 17, 2025Updated 2 months ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆39Mar 15, 2017Updated 8 years ago
- ☆31Jan 4, 2018Updated 8 years ago
- Serving files with conditions, serverside keying and more.☆18May 26, 2022Updated 3 years ago
- Extract, defang, resolve names and IPs from text☆23Jan 29, 2026Updated 2 weeks ago
- Various libraries focused on examining/parsing NTFS-specific structures☆16Oct 25, 2015Updated 10 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆76Jun 8, 2019Updated 6 years ago
- A project in Golang that will create prefix-based magic MD5 hashes for type juggling.☆20Jul 29, 2018Updated 7 years ago
- PowerShell Memory Pulling script☆19Mar 24, 2015Updated 10 years ago
- Exploiting Edge's read:// urlhandler☆15Oct 23, 2021Updated 4 years ago
- A gadget finder and a ROP-Chainer tool for x86 platforms☆95Jun 13, 2021Updated 4 years ago
- ☆44Sep 12, 2018Updated 7 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- Automatically exported from code.google.com/p/portable-executable-library☆22Oct 5, 2019Updated 6 years ago
- ☆16Nov 16, 2015Updated 10 years ago
- This is a release of the torCT PHP RAT for people willing to research RATs and how they work.☆18Dec 3, 2015Updated 10 years ago