packing-box / peid
Python implementation of the Packed Executable iDentifier (PEiD)
☆126Updated 4 months ago
Related projects: ⓘ
- HashDB API hash lookup plugin for IDA Pro☆286Updated 2 months ago
- Robust Automated Malware Unpacker☆84Updated last year
- ☆94Updated last year
- Dynamic unpacker based on PE-sieve☆650Updated 6 months ago
- msdocsviewer is a simple tool that parses Microsoft's win32 API and driver documentation to be used within IDA.☆148Updated 8 months ago
- A list of open source reverse engineering tools with a focus on binary analysis☆171Updated 5 months ago
- BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)☆120Updated 2 years ago
- Debug Child Process Tool (auto attach)☆267Updated last year
- An interactive list of plugins for hex-rays' IDA Pro☆354Updated last month
- Assortment of hashing algorithms used in malware☆323Updated 2 months ago
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)☆114Updated last year
- LERN GHIDRA☆84Updated last year
- An automatic unpacker and logger for DotNet Framework targeting files☆248Updated last year
- Advanced driver monitoring utility.☆194Updated 2 years ago
- Ghidra scripts for malware analysis☆84Updated 8 months ago
- An IDA Pro extension for easier (malware) reverse engineering☆109Updated 2 years ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…☆195Updated 2 years ago
- XNTSV program for detailed viewing of system structures for Windows.☆439Updated this week
- Dataset of packed PE samples☆24Updated 2 months ago
- A DTrace on Windows Reimplementation☆317Updated last month
- A utility to fix intentionally corrupted UPX packed files.☆79Updated last year
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆334Updated this week
- Simple windows API logger☆96Updated 5 years ago
- Ghidra Extension to integrate BinDiff for function matching☆255Updated this week
- x86 malware emulator☆190Updated 3 weeks ago
- Official x64dbg plugin for IDA Pro.☆440Updated last year
- Parse .NET executable files.☆72Updated 5 months ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆251Updated 2 years ago
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆202Updated last month
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆728Updated 7 months ago