necst / arancino
Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.
☆73 · Apr 28, 2022 · Updated 3 years ago
Alternatives and similar repositories for arancino
Users that are interested in arancino are comparing it to the libraries listed below
- automated-arancino is a lightweight analysis framework to automate malware experiments. ☆16 · Apr 17, 2017 · Updated 8 years ago
- Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Secu… ☆23 · Nov 12, 2019 · Updated 6 years ago
- Implementation trade-offs in using Intel Pin for instruction tracing of complex programs ☆15 · Oct 16, 2019 · Updated 6 years ago
- Polymorphic VM and PoliCTF '17 reversing challenge. ☆73 · Sep 20, 2024 · Updated last year
- A pintool in order to unpack malware ☆238 · Jul 30, 2016 · Updated 9 years ago
- Security Evaluation of Dynamic Binary Instrumentation Engines ☆82 · Sep 1, 2018 · Updated 7 years ago
- Code for my blog post on combining S2E and Kaitai Struct ☆15 · Jun 1, 2019 · Updated 6 years ago
- ☆28 · Feb 13, 2017 · Updated 9 years ago
- Effects of packers on machine-learning-based malware classifiers that use only static analysis ☆89 · Jun 17, 2024 · Updated last year
- Framework to automatically test and explore the capabilities of generic AV engines ☆69 · Jan 15, 2019 · Updated 7 years ago
- gdbserver implementation on BitVisor ☆25 · Nov 8, 2017 · Updated 8 years ago
- Unicorn PE function runner ☆59 · Jul 4, 2017 · Updated 8 years ago
- Basic x86 Symbolic Execution for educational purposes ☆18 · May 8, 2017 · Updated 8 years ago
- VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker. ☆57 · Jan 16, 2020 · Updated 6 years ago
- Convert libvirt-QEMU-save (LQS) files to raw memory files ☆14 · Sep 22, 2018 · Updated 7 years ago
- ☆41 · May 23, 2017 · Updated 8 years ago
- ☆28 · May 10, 2020 · Updated 5 years ago
- PIN-based Fault-Injector is a fault injector based on the Intel PIN tool. For more information, please refer to the following paper: ☆18 · Jul 6, 2018 · Updated 7 years ago
- A system to record malware using PANDA ☆45 · May 20, 2019 · Updated 6 years ago
- This is a fuzzer for Windows SEH buffer overflow. ☆15 · Oct 17, 2017 · Updated 8 years ago
- Dynamic analysis of binary programs to retrieve function-related information (arity, type of parameters, coupling). ☆69 · Sep 5, 2017 · Updated 8 years ago
- Program synthesis based deobfuscation framework for the USENIX 2017 paper "Syntia: Synthesizing the Semantics of Obfuscated Code" ☆315 · Jun 11, 2020 · Updated 5 years ago
- ☆91 · Oct 28, 2016 · Updated 9 years ago
- Resources About Dynamic Binary Instrumentation and Dynamic Binary Analysis ☆138 · Mar 4, 2020 · Updated 5 years ago
- AVClass malware labeling tool ☆484 · Oct 22, 2024 · Updated last year
- This is a sample approach of data analysis in security scene. ☆18 · Oct 21, 2018 · Updated 7 years ago
- Detect x86 shellcode in files and traffic. ☆25 · Jun 12, 2018 · Updated 7 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra ☆21 · Aug 17, 2019 · Updated 6 years ago
- Malware Dynamic Analysis Platform enhanced Cuckoo Sandbox ☆24 · Jan 10, 2018 · Updated 8 years ago
- VMAttack PlugIn for IDA Pro ☆866 · Nov 30, 2017 · Updated 8 years ago
- An IDA Pro extension for easier (malware) reverse engineering ☆116 · Aug 2, 2022 · Updated 3 years ago
- Zydis Pascal Bindings ☆21 · Nov 20, 2023 · Updated 2 years ago
- Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deo… ☆881 · Nov 21, 2023 · Updated 2 years ago
- Code for my blog post on using S2E for malware analysis ☆25 · Jul 16, 2019 · Updated 6 years ago
- ☆32 · Apr 24, 2022 · Updated 3 years ago
- Code and artifacts of the "Dissecting American Fuzzy Lop - A FuzzBench Evaluation" paper ☆13 · Oct 3, 2022 · Updated 3 years ago
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families. ☆10 · Aug 29, 2022 · Updated 3 years ago
- A Multithread PcapNG capturing tool with Hardware timestamping ☆10 · Nov 6, 2016 · Updated 9 years ago
- Windows API tracer for malware (oldname: unitracer) ☆120 · Oct 16, 2017 · Updated 8 years ago