mrexodia / dumpulator
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
☆727Updated 7 months ago
Related projects: ⓘ
- Time Travel Debugging IDA plugin☆551Updated 2 months ago
- A Pin Tool for tracing API calls etc☆1,268Updated 3 weeks ago
- Dynamic unpacker based on PE-sieve☆650Updated 6 months ago
- An integration for IDA and VS Code which connects both to easily execute and debug IDAPython scripts.☆709Updated last year
- Automatic and platform-independent unpacker for Windows binaries based on emulation☆639Updated 3 months ago
- An interactive list of plugins for hex-rays' IDA Pro☆352Updated last month
- Assortment of hashing algorithms used in malware☆323Updated 2 months ago
- A private Lumina server for IDA Pro☆900Updated 2 weeks ago
- ☆583Updated this week
- Binary Ninja plugin to identify obfuscated code and other interesting code constructs☆555Updated 4 months ago
- gooMBA is a Hex-Rays Decompiler plugin to simplify Mixed Boolean-Arithmetic (MBA) expressions☆566Updated last year
- A Binary Genetic Traits Lexer Framework☆385Updated 9 months ago
- Yet Another Ghidra Integration for IDA☆480Updated 3 weeks ago
- A Trace Explorer for Reverse Engineers☆1,302Updated 10 months ago
- The FLARE team's open-source extension to add Python 3 scripting to Ghidra.☆687Updated 4 months ago
- HashDB API hash lookup plugin for IDA Pro☆286Updated 2 months ago
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆767Updated 4 months ago
- A collection of x64dbg scripts. Feel free to submit a pull request to add your script.☆495Updated 2 months ago
- A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.☆1,242Updated 3 months ago
- Obfuscate specific windows apis with different apis☆978Updated 3 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆506Updated 3 weeks ago
- Karta - source code assisted fast binary matching plugin for IDA☆860Updated last year
- ☆785Updated last year
- Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.☆1,154Updated 2 years ago
- A reversing plugin for cross-decompiler collaboration, built on git.☆565Updated this week
- Quickly debug shellcode extracted during malware analysis☆547Updated last year
- ROPfuscator is a fine-grained code obfuscation framework for C/C++ programs using ROP (return-oriented programming).☆407Updated 4 months ago
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks☆316Updated last year
- IDAPython tool for creating automatic C++ virtual tables in IDA Pro☆1,251Updated 3 years ago
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl☆1,082Updated last week