☆116Feb 13, 2026Updated last month
Alternatives and similar repositories for dotnetfile
Users that are interested in dotnetfile are comparing it to the libraries listed below
Sorting:
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆171Updated this week
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆119Apr 8, 2023Updated 2 years ago
- An automatic unpacker and logger for DotNet Framework targeting files☆264Aug 23, 2023Updated 2 years ago
- Parse .NET executable files.☆85Jan 31, 2026Updated last month
- Malduck is your ducky companion in malware analysis journeys☆350Jun 22, 2025Updated 9 months ago
- Go Lang Portable Executable Parser☆39Mar 31, 2021Updated 4 years ago
- ☆119Aug 7, 2022Updated 3 years ago
- ☆27Sep 13, 2023Updated 2 years ago
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 6 months ago
- short crackme for Windows XP SP3 (32 bit version). ring0 stuff. IMO very fun x-)☆23Aug 11, 2023Updated 2 years ago
- quASAR: ASAR manipulation made easy☆38Sep 7, 2022Updated 3 years ago
- ☆27Feb 6, 2022Updated 4 years ago
- WNF Code Execution Library Using C#☆110May 18, 2020Updated 5 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper☆14Jul 24, 2021Updated 4 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Jul 7, 2022Updated 3 years ago
- Go symbol recovery tool☆954Mar 6, 2026Updated 2 weeks ago
- Dynamic unpacker based on PE-sieve☆797Sep 13, 2025Updated 6 months ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- ☆10Aug 10, 2019Updated 6 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆12Oct 1, 2022Updated 3 years ago
- ☆553Dec 4, 2023Updated 2 years ago
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆857Feb 2, 2024Updated 2 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- Windows kernel and user mode emulation.☆1,896Mar 12, 2026Updated last week
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆125Jul 12, 2024Updated last year
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- A shellcode function to encrypt a running process image when sleeping.☆339Sep 11, 2021Updated 4 years ago
- Malware dynamic instrumentation tool based on frida framework☆110Jun 7, 2020Updated 5 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆585May 5, 2024Updated last year
- Binary Ninja plugin to identify obfuscated code and other interesting code constructs☆654Mar 14, 2025Updated last year
- A collection of modules and scripts to help with analyzing Nim binaries☆83Oct 7, 2024Updated last year
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆263Mar 27, 2023Updated 2 years ago
- Extract AutoIt scripts embedded in PE binaries☆235Mar 7, 2026Updated 2 weeks ago
- SightingDB is a database for Sightings☆22Jun 21, 2023Updated 2 years ago
- Source Code of MSIL Ransom☆14Feb 11, 2023Updated 3 years ago
- Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"☆17Feb 6, 2025Updated last year
- A WinDbg extension to trace COM interactions☆131Aug 14, 2025Updated 7 months ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆57Oct 10, 2022Updated 3 years ago