microsoft / RIFT
Rust Library Recognition Project for Rust Malware by the MSTIC-MIRAGE Team
☆338 Updated last month
Alternatives and similar repositories for RIFT
Users that are interested in RIFT are comparing it to the libraries listed below
- Slides and files for the Reversing Rust Binaries: One step beyond strings workshop at REcon 2024, presented on June 28, 2024. ☆80 Updated last year
- Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv… ☆486 Updated last week
- FLARE Team's Binary Navigator ☆300 Updated last month
- Get information about stripped rust executables ☆42 Updated 8 months ago
- Rust symbol recovery tool ☆77 Updated 6 months ago
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func… ☆76 Updated 5 months ago
- ☆89 Updated 11 months ago
- A collection of malware families and malware samples which use the Rust programming language. ☆201 Updated last week
- Reverse engineering assistant that uses a locally running LLM to aid with pseudocode analysis. ☆113 Updated 2 weeks ago
- A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs ☆335 Updated 6 months ago
- Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the … ☆354 Updated this week
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe… ☆242 Updated 3 months ago
- DiffRays is a research-oriented tool for binary patch diffing, designed to aid in vulnerability research, exploit development, and revers… ☆280 Updated last month
- Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine… ☆309 Updated 3 months ago
- Python tool to check rootkits in Windows kernel ☆204 Updated 5 months ago
- ☆157 Updated 2 weeks ago
- Modular and extensible library for Virtual Machine Introspection ☆115 Updated this week
- ☆122 Updated 2 weeks ago
- Linux anti-debugging and anti-analysis rust library ☆333 Updated 3 years ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆476 Updated 6 months ago
- Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x’s idalib ☆234 Updated last week
- A tool that is used to hunt vulnerabilities in x64 WDM drivers ☆429 Updated last month
- eBPF Memory Dump Tool ☆97 Updated 4 months ago
- Binary Exploitation Phrack CTF Challenge ☆140 Updated 4 months ago
- WinDbg extension written in Rust to dump the CPU / memory state of a running VM ☆125 Updated 3 months ago
- A C++ tool to unstrip Rust/Go binaries (ELF and PE) ☆400 Updated 11 months ago
- Powershell Linter ☆86 Updated last month
- Resolve symbols from release rust binaries on Windows ☆21 Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … ☆167 Updated last year
- Golem automates C/C++ vulnerability discovery with SemGrep+LLVM+LLM ☆96 Updated 7 months ago