nimrodpar / Labeled-Elfs
A collection of well labeled ELF binaries compiled from benign and malicious code in various ways. Great for exploring similarity in executables and training various ML models.
☆88Updated 10 months ago
Alternatives and similar repositories for Labeled-Elfs:
Users that are interested in Labeled-Elfs are comparing it to the libraries listed below
- Robust Automated Malware Unpacker☆84Updated last year
- SAFE embeddings to match functions in yara☆100Updated 4 years ago
- SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.☆229Updated this week
- ☆105Updated 5 years ago
- grap: define and match graph patterns within binaries☆154Updated 2 years ago
- ☆72Updated 2 years ago
- The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash alg…☆88Updated 7 months ago
- ☆59Updated last week
- DynamoRIO coverage visualization for cutter☆61Updated 2 years ago
- pyGoRE - Python library for analyzing Go binaries☆64Updated 3 years ago
- CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is a "mirror" -- p…☆125Updated 3 months ago
- Automatically generate AV byte signatures from sets of similar binaries.☆263Updated 2 months ago
- Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.☆72Updated 2 years ago
- This framework enables user to discover JOP gagdets and can automate building a complete JOP chain to bypass DEP. JOP ROCKET is the ultim…☆100Updated 5 months ago
- ☆132Updated 3 years ago
- Target-centric program analysis.☆73Updated this week
- Ghidra scripts for malware analysis☆91Updated last year
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆123Updated 3 years ago
- This is the home of the raindrop obfuscator. It transforms program functions into obfuscated ROP chains that coexist seamlessly with the …☆61Updated 3 years ago
- ☆57Updated 3 years ago
- Notes on using the Python bindings for the Unicorn Engine☆73Updated 5 years ago
- ☆186Updated 3 years ago
- Symbolic execution in radare2 with angr☆40Updated 3 years ago
- This project tries to provide additional Ghidra Version Tracking Correlators suitable for patch diffing.☆90Updated last year
- ☆77Updated 4 months ago
- Write-ups for crackmes and CTF challenges☆51Updated 2 years ago
- Effects of packers on machine-learning-based malware classifiers that use only static analysis☆84Updated 7 months ago
- PoC for a snapshot-based coverage-guided fuzzer targeting Windows kernel components☆68Updated 3 years ago
- Nampa - FLIRT for (binary) ninjas☆94Updated last month
- An IDA Pro extension for easier (malware) reverse engineering☆111Updated 2 years ago