A small tool to unmap PE memory dumps.
☆11Nov 9, 2023Updated 2 years ago
Alternatives and similar repositories for pe-unmapper
Users that are interested in pe-unmapper are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Ida Pro plugin to aid in reverse engineering Rust binaries.☆19Dec 9, 2024Updated last year
- IDA plugin for automatic deobfuscation of opaque predicates by lifting microcode to z3 for SMT reasoning.☆58Apr 30, 2026Updated 2 weeks ago
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly☆10Jul 1, 2023Updated 2 years ago
- A post-processing script for TinyTracer☆39Mar 22, 2023Updated 3 years ago
- Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.☆27Dec 1, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆22Jan 5, 2025Updated last year
- IDAPython scripts☆15Aug 24, 2017Updated 8 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- API Hooking Engine on Windows 10☆12May 10, 2024Updated 2 years ago
- translate project of Drops☆11May 26, 2016Updated 9 years ago
- function identification signatures☆12Apr 26, 2021Updated 5 years ago
- https://www.huorong.cn/☆17Apr 16, 2024Updated 2 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Jan 31, 2022Updated 4 years ago
- An IDA plugin to deobfuscate Pikabot's strings using RC4 and AES☆13Apr 8, 2024Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Notes some analysis related to VidarStealer sample☆16May 5, 2024Updated 2 years ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆22Sep 30, 2022Updated 3 years ago
- ☆15Oct 25, 2022Updated 3 years ago
- A collection of powershell scripts that are designed to be ran from a Microsoft Defender for Endpoint Live Response terminal, utilizing o…☆12Apr 26, 2023Updated 3 years ago
- Tool to decrypt the configuration of NanoCore and dump all used plugins☆12Dec 8, 2020Updated 5 years ago
- ☆15Sep 30, 2025Updated 7 months ago
- PoC for hiding data within $MFT☆12Aug 14, 2014Updated 11 years ago
- String Fixer for ConfuserEx2☆15Feb 20, 2023Updated 3 years ago
- IDA plugin to deobfuscate emotet CFF☆18Apr 26, 2022Updated 4 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Dataset of packed ELF samples☆21Jan 24, 2026Updated 3 months ago
- Found resources in my malware researching adventure.☆17Dec 18, 2022Updated 3 years ago
- Digital Artefact Extraction Tool for Discord Application☆12Apr 13, 2023Updated 3 years ago
- Hex-Rays Block Highlighter plugin for IDA to highlight if/for/do/switch/while blocks☆62Apr 17, 2022Updated 4 years ago
- ☆77Nov 30, 2023Updated 2 years ago
- A python script that can detect and parse loki-bot (malware) related network traffic. This script can be helpful to DFIR analysts and sec…☆13Dec 31, 2021Updated 4 years ago
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Do DFIR work in a Windows Sandbox☆21May 12, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Code snippets for Qiling Tutorials☆21Aug 22, 2020Updated 5 years ago
- ☆32Jul 14, 2025Updated 10 months ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- A reimplementation of GNU readelf, using Ryan O'Neill's innovative library, libelfmaster.☆10Sep 28, 2019Updated 6 years ago
- ☆19Aug 6, 2021Updated 4 years ago
- Vault of Windows Registry forensic artifacts☆30Nov 12, 2025Updated 6 months ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 4 years ago