mmn3mm / peresources
☆14Updated 4 years ago
Alternatives and similar repositories for peresources:
Users that are interested in peresources are comparing it to the libraries listed below
- Simplified MITRE Use Cases, it describes the Attack and Detection☆43Updated 4 years ago
- Capa analysis importer for Ghidra.☆61Updated 4 years ago
- Miscellaneous Malware RE☆195Updated 2 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆133Updated 2 years ago
- A lightweight type converter python library.☆13Updated 4 years ago
- Automatically rebuild Import Address Table for dumped PE file. With python bindings!☆118Updated 6 years ago
- Various Yara signatures (possibly to be included in a release later).☆85Updated 5 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.☆89Updated 5 years ago
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆248Updated 2 years ago
- ☆69Updated last year
- Generating YARA rules based on binary code☆207Updated 3 years ago
- Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain na…☆135Updated 5 years ago
- ☆134Updated 6 years ago
- Live hunting of code injection techniques☆379Updated 5 years ago
- Enable Microsoft PDB support in Ghidra without installing Visual Studio☆37Updated 5 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆75Updated 10 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆109Updated 4 years ago
- ☆81Updated 5 years ago
- Free IDA Pro Binary Auditing Training Material for University Lectures - from http://binary-auditing.com . Contains decrypted/unzipped fi…☆168Updated last year
- Various scripts for different malware families☆106Updated 3 years ago
- Debug Child Process Tool (auto attach)☆282Updated last year
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆181Updated 4 years ago
- Script analysis tool based on Frida.re☆129Updated 7 years ago
- Lazy Office Analyzer☆120Updated 8 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆182Updated 6 years ago
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.☆420Updated 4 years ago
- Smart DLL execution for malware analysis in sandbox systems☆143Updated 10 years ago
- Cmulator is ( x86 - x64 ) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries . Based on Unicorn & Zydis Engin…☆294Updated 2 years ago
- Ghidra scripts such as a RC4 decrypter, Yara search, stack string decoder, etc.☆158Updated 5 years ago