reb311ion / CapaExplorer
Capa analysis importer for Ghidra.
☆61Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for CapaExplorer
- Go Lang Portable Executable Parser☆37Updated 3 years ago
- ☆66Updated last year
- Scripts, Yara rules and other files developed during malware investigations☆24Updated 2 years ago
- TA505 unpacker Python 2.7☆46Updated 4 years ago
- Malware Configuration Extraction Modules☆47Updated 11 months ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Updated last year
- Radare2 Metadata Extraction to Elasticsearch☆21Updated 5 months ago
- Transfer EIP control to shellcode during malware analysis investigation☆73Updated 10 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆37Updated last year
- ☆27Updated 2 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆39Updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats")☆92Updated 2 years ago
- API Logger for Windows Executables☆77Updated 4 years ago
- TrashDBG the world's worse debugger☆24Updated 2 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 3 years ago
- Imphash-like calculation on Golang binaries☆47Updated 2 years ago
- A collection of shellcode hashes☆17Updated 6 years ago
- A small utility to deal with malware embedded hashes.☆48Updated last year
- Handy scripts to speed up malware analysis☆35Updated last year
- Telsy CTI Research Team☆57Updated 3 years ago
- Converts exported results of CAPA tool from .json format to another formats supporting by different tools.☆21Updated 2 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆62Updated 6 months ago
- Malware similarity platform with modularity in mind.☆76Updated 3 years ago
- ☆22Updated 5 months ago
- ☆23Updated 4 years ago
- Malware dynamic instrumentation tool based on frida framework☆101Updated 4 years ago
- Yet another rule generator for Yara☆25Updated 4 years ago
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆36Updated last year
- ☆12Updated 2 years ago
- Ghidra plugin for https://analyze.intezer.com☆69Updated 2 years ago