Alternatives and similar repositories for peresources:

Users that are interested in peresources are comparing it to the libraries listed below

• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆137Updated 2 years ago
• reb311ion / CapaExplorer
  Capa analysis importer for Ghidra.
  ☆61Updated 4 years ago
• x64dbg / yarasigs
  Various Yara signatures (possibly to be included in a release later).
  ☆85Updated 5 years ago
• adamkramer / jmp2it
  Transfer EIP control to shellcode during malware analysis investigation
  ☆75Updated 10 years ago
• nullteilerfrei / reversing-class
  LERN GHIDRA
  ☆89Updated 2 years ago
• karemfaisal / SMUC
  Simplified MITRE Use Cases, it describes the Attack and Detection
  ☆44Updated 4 years ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆209Updated 3 years ago
• AlyaGomaa / bitsbehumble
  A lightweight type converter python library.
  ☆13Updated 4 years ago
• karttoon / binsequencer
  BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified…
  ☆76Updated 3 years ago
• pan-unit42 / dotnetfile
  ☆105Updated last year
• d00rt / emotet_network_protocol
  ☆82Updated 5 years ago
• OALabs / PyIATRebuild
  Automatically rebuild Import Address Table for dumped PE file. With python bindings!
  ☆118Updated 6 years ago
• sysopfb / Malware_Scripts
  Various scripts for different malware families
  ☆106Updated 4 years ago
• tildedennis / malware
  ☆44Updated 6 years ago
• Info-security / binary-auditing-training
  Free IDA Pro Binary Auditing Training Material for University Lectures - from http://binary-auditing.com . Contains decrypted/unzipped fi…
  ☆170Updated last year
• d00rt / emotet_research
  ☆134Updated 6 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆96Updated 3 years ago
• fr0gger / unprotect
  Unprotect is a python tool for parsing PE malware and extract evasion techniques.
  ☆114Updated last year
• spender-sandbox / cuckoomon-modified
  Modified edition of cuckoomon
  ☆49Updated 6 years ago
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆39Updated 4 years ago
• Fare9 / ANBU
  ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking.
  ☆89Updated 5 years ago
• 0xsha / florentino
  Fast Static File Analysis Framework
  ☆103Updated 5 years ago
• MAECProject / malware-behaviors
  A taxonomy and dictionary of malware behaviors.
  ☆42Updated 5 years ago
• danielplohmann / apiscout
  This project aims at simplifying Windows API import recovery on arbitrary memory dumps
  ☆249Updated 2 years ago
• 0x6d696368 / ghidra_scripts
  Ghidra scripts such as a RC4 decrypter, Yara search, stack string decoder, etc.
  ☆158Updated 5 years ago
• williballenthin / python-sdb
  Pure Python parser for Application Compatibility Shim Databases (.sdb files)
  ☆109Updated 4 years ago
• myrtus0x0 / smoke_conf_extract
  ☆13Updated 2 years ago
• poona / APIMiner
  API Logger for Windows Executables
  ☆78Updated 4 years ago
• Big5-sec / pcode2code
  a vba pcode decompiler based on pcodedmp
  ☆109Updated 3 years ago
• silence-is-best / c2db
  c2 traffic
  ☆188Updated 2 years ago