Alternatives and similar repositories for siphon:

Users that are interested in siphon are comparing it to the libraries listed below

• hasherezade / flareon2023
  ☆25Updated 3 months ago
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆33Updated last year
• RussianPanda95 / IDAPython
  IDA Python scripts
  ☆30Updated last year
• fr0gger / MalwareMuncher
  Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
  ☆43Updated last year
• packing-box / bintropy
  Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
  ☆44Updated last month
• Dump-GUY / Invoke-DetectItEasy
  Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.
  ☆24Updated 2 years ago
• milankovo / YaraVM
  This repository contains an IDA processor for loading and disassembling compiled yara rules.
  ☆33Updated 3 weeks ago
• DissectMalware / yaradbg-frontend
  ☆38Updated last year
• hasherezade / flareon2022
  ☆28Updated 2 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated last year
• OALabs / hashdb-ghidra
  Ghidra plugin for HashDB
  ☆19Updated last year
• elastic / die-python
  Native Python3 bindings for @horsicq's Detect-It-Easy
  ☆54Updated 2 weeks ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆35Updated 3 years ago
• naksyn / talks
  Repo containing my public talks
  ☆22Updated last year
• emproof-com / webinars
  ☆29Updated this week
• packing-box / packer-masking-tool
  Attack tool for altering packed samples so that they evade static packing detection
  ☆13Updated this week
• hasherezade / mal_unpack_py
  Python wrappers for mal_unpack
  ☆35Updated last year
• xalicex / kernel-debug-lab-for-virtual-box
  How to set up 2 VirtualBox VM to debug kernel driver using windbg
  ☆52Updated 2 years ago
• ald3ns / copy-as-yara
  This is a little plugin to copy disassembly in a way that is usable in YARA rules!
  ☆41Updated last year
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆87Updated last year
• PwCUK-CTO / iis-helper-plugin
  IDA Pro plugin to aid with the analysis of native IIS modules
  ☆17Updated 5 months ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆31Updated last year
• DissectMalware / yaradbg-backend
  ☆24Updated last year
• embee-research / Icedid-file-decryptor
  Static Decryptor for IcedID Malware
  ☆18Updated 2 years ago
• rhotav / PT_LOAD-Injector
  An injector that use PT_LOAD technique
  ☆12Updated 2 years ago
• jeFF0Falltrades / rat_king_parser
  A robust, multiprocessing-capable, multi-family RAT config parser/config extractor for AsyncRAT, DcRAT, VenomRAT, QuasarRAT, XWorm, Xeno …
  ☆37Updated last month
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆115Updated 6 months ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆67Updated last year
• NextronSystems / gimphash
  Imphash-like calculation on Golang binaries
  ☆49Updated 2 years ago
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆25Updated 5 years ago