rabbitstack / fibratus
Adversary tradecraft detection, protection, and hunting
☆2,210 · Updated this week
Related projects
Alternatives and complementary repositories for fibratus
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆3,264 · Updated this week
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,… ☆2,035 · Updated 2 weeks ago
- Windows kernel and user mode emulation. ☆1,516 · Updated 7 months ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem… ☆3,104 · Updated 2 weeks ago
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆1,804 · Updated this week
- Set of tools to analyze Windows sandboxes for exposed attack surface. ☆2,074 · Updated 3 weeks ago
- VirusTotal Wanna Be - Now with 100% more Hipster ☆1,654 · Updated last year
- The pattern matching swiss knife ☆8,306 · Updated last month
- A Coverage Explorer for Reverse Engineers ☆2,258 · Updated 4 months ago
- Diaphora, the most advanced Free and Open Source program diffing tool. ☆3,662 · Updated 2 months ago
- A static analyzer for PE executables. ☆1,018 · Updated 10 months ago
- A True Instrumentable Binary Emulation Framework ☆5,168 · Updated last month
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU ☆1,654 · Updated 9 months ago
- Reverse engineering framework in Python ☆3,501 · Updated 3 months ago
- Portable Executable reversing tool with a friendly GUI ☆2,774 · Updated 3 weeks ago
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env… ☆6,593 · Updated 2 weeks ago
- The FLARE team's open-source tool to identify capabilities in executable files. ☆4,879 · Updated this week
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆2,969 · Updated last week
- Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall … ☆1,304 · Updated 2 years ago
- A curated list of awesome YARA rules, tools, and people. ☆3,565 · Updated this week
- IDA Pro utilities from FLARE team ☆2,240 · Updated 3 weeks ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux ☆2,472 · Updated 2 months ago
- Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that… ☆3,407 · Updated 5 months ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem… ☆3,609 · Updated 3 weeks ago
- Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free… ☆1,691 · Updated last month
- Loki - Simple IOC and YARA Scanner ☆3,402 · Updated 3 weeks ago
- An advanced memory forensics framework ☆7,356 · Updated last year
- Malware Configuration And Payload Extraction ☆2,011 · Updated this week
- Windows Object Explorer 64-bit ☆1,648 · Updated last month
- Rekall Memory Forensic Framework ☆1,925 · Updated 4 years ago