packing-box / peid

Related projects: ⓘ

• OALabs / hashdb-ida
  HashDB API hash lookup plugin for IDA Pro
  ☆286Updated 2 months ago
• fkie-cad / RoAMer
  Robust Automated Malware Unpacker
  ☆84Updated last year
• NozomiNetworks / upx-recovery-tool
  ☆94Updated last year
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆650Updated 6 months ago
• alexander-hanel / msdocsviewer
  msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.
  ☆148Updated 8 months ago
• extremecoders-re / re-list
  A list of open source reverse engineering tools with a focus on binary analysis
  ☆171Updated 5 months ago
• season-lab / bluepill
  BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
  ☆120Updated 2 years ago
• therealdreg / DbgChild
  Debug Child Process Tool (auto attach)
  ☆267Updated last year
• vmallet / ida-plugins
  An interactive list of plugins for hex-rays' IDA Pro
  ☆354Updated last month
• OALabs / hashdb
  Assortment of hashing algorithms used in malware
  ☆323Updated 2 months ago
• therealdreg / masm32-kernel-programming
  masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)
  ☆114Updated last year
• nullteilerfrei / reversing-class
  LERN GHIDRA
  ☆84Updated last year
• advanced-threat-research / DotDumper
  An automatic unpacker and logger for DotNet Framework targeting files
  ☆248Updated last year
• Fyyre / DrvMon
  Advanced driver monitoring utility.
  ☆194Updated 2 years ago
• AllsafeCyberSecurity / ghidra_scripts
  Ghidra scripts for malware analysis
  ☆84Updated 8 months ago
• danielplohmann / idascope
  An IDA Pro extension for easier (malware) reverse engineering
  ☆109Updated 2 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆195Updated 2 years ago
• horsicq / xntsv
  XNTSV program for detailed viewing of system structures for Windows.
  ☆439Updated this week
• packing-box / dataset-packed-pe
  Dataset of packed PE samples
  ☆24Updated 2 months ago
• mandiant / STrace
  A DTrace on Windows Reimplementation
  ☆317Updated last month
• lcashdol / UPX
  A utility to fix intentionally corrupted UPX packed files.
  ☆79Updated last year
• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆334Updated this week
• d35ha / xLogger
  Simple windows API logger
  ☆96Updated 5 years ago
• ubfx / BinDiffHelper
  Ghidra Extension to integrate BinDiff for function matching
  ☆255Updated this week
• sha0coder / scemu
  x86 malware emulator
  ☆190Updated 3 weeks ago
• x64dbg / x64dbgida
  Official x64dbg plugin for IDA Pro.
  ☆440Updated last year
• malwarefrank / dnfile
  Parse .NET executable files.
  ☆72Updated 5 months ago
• thesecretclub / SandboxBootkit
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆251Updated 2 years ago
• ergrelet / themida-unmutate
  Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.
  ☆202Updated last month
• mrexodia / dumpulator
  An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…
  ☆728Updated 7 months ago