nimrodpar / Labeled-Elfs
A collection of well labeled ELF binaries compiled from benign and malicious code in various ways. Great for exploring similarity in executables and training various ML models.
☆90Updated 11 months ago
Alternatives and similar repositories for Labeled-Elfs:
Users that are interested in Labeled-Elfs are comparing it to the libraries listed below
- SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.☆230Updated 2 weeks ago
- Robust Automated Malware Unpacker☆84Updated last year
- ☆105Updated 5 years ago
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆90Updated this week
- ☆57Updated 3 years ago
- Ghidra scripts for malware analysis☆91Updated last year
- Port of the binary diffing library, diaphora, for radare2 and mariadb☆50Updated last year
- Effects of packers on machine-learning-based malware classifiers that use only static analysis☆85Updated 8 months ago
- SAFE embeddings to match functions in yara☆100Updated 5 years ago
- grap: define and match graph patterns within binaries☆154Updated 2 years ago
- CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is a "mirror" -- p…☆126Updated 4 months ago
- Automatically generate AV byte signatures from sets of similar binaries.☆264Updated 3 months ago
- Dragodis is a Python framework which allows for the creation of universal disassembler scripts.☆50Updated 8 months ago
- ☆119Updated last month
- This repository contains relevant samples and data related to the ELF Malware Analysis 101 articles☆43Updated 2 years ago
- ☆224Updated last year
- ☆132Updated 4 years ago
- LERN GHIDRA☆90Updated 2 years ago
- Target-centric program analysis.☆73Updated this week
- ☆60Updated 2 weeks ago
- This framework enables user to discover JOP gagdets and can automate building a complete JOP chain to bypass DEP. JOP ROCKET is the ultim…☆102Updated 6 months ago
- Symbolic execution in radare2 with angr☆40Updated 3 years ago
- ☆72Updated 2 years ago
- An IDA Pro extension for easier (malware) reverse engineering☆111Updated 2 years ago
- Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.☆72Updated 2 years ago
- Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)☆229Updated 4 months ago
- scripts/plugins for IDA Pro☆171Updated 2 months ago
- This project tries to provide additional Ghidra Version Tracking Correlators suitable for patch diffing.☆90Updated last year
- pyGoRE - Python library for analyzing Go binaries☆64Updated 3 years ago
- Assembled Labeled Library for Static Analysis Research - Debian packages built for 6 architectures, storing compiler artifacts, binaries…☆28Updated 3 years ago