necst / arancinoLinks
Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.
☆72Updated 3 years ago
Alternatives and similar repositories for arancino
Users that are interested in arancino are comparing it to the libraries listed below
Sorting:
- ☆181Updated 6 years ago
- Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code☆51Updated 9 years ago
- PEDA-like debugger UI for WinDbg☆205Updated last year
- automated-arancino is a lightweight analysis framework to automate malware experiments.☆15Updated 8 years ago
- ☆88Updated 10 years ago
- A set of programs used for benchmarking the strength of obfuscation☆91Updated 7 years ago
- VMI-Unpack - A Virtual Machine Introspection (VMI) based generic unpacker.☆56Updated 5 years ago
- IDA plugin for software complexity metrics assessment☆60Updated 7 years ago
- SAFE embeddings to match functions in yara☆100Updated 5 years ago
- This IDAPython script tags subroutines according to their use of imported functions☆74Updated 4 years ago
- Security Evaluation of Dynamic Binary Instrumentation Engines☆80Updated 7 years ago
- grap: define and match graph patterns within binaries☆154Updated 3 years ago
- TaintInduce is a project which aims to automate the creation of taint propagation rules for unknown instruction sets.☆59Updated 4 years ago
- ☆42Updated 8 years ago
- A DBI tool to discover heap memory related bugs☆125Updated 7 years ago
- Symbolic Simplification with PAttern Matching☆106Updated 8 years ago
- Kernel driver to fuzz Hyper-V hypercalls☆137Updated 6 years ago
- ☆89Updated 6 years ago
- A branch-monitor-based solution for process monitoring.☆133Updated 5 years ago
- ☆49Updated 4 years ago
- Windows API tracer for malware (oldname: unitracer)☆119Updated 7 years ago
- Clone of "Compiler-Agnostic Function Detection in Binaries" source code☆86Updated 3 years ago
- qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's …☆122Updated 10 years ago
- Build your emulation environment as needed☆65Updated 4 years ago
- PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components☆68Updated 4 years ago
- Testing Intermediate Representations for Binary Analysis (ASE '17)☆81Updated 6 years ago
- Implementation of G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries☆95Updated 7 years ago
- Experimental opaque predicate detection for IDA Pro☆81Updated 7 years ago
- IDA Plugin which decodes Windows Device I/O control code into DeviceType, FunctionCode, AccessType and MethodType.☆112Updated last year
- Use angr inside the radare2 debugger. Create an angr state from the current debugger state.☆34Updated 6 years ago