Capa analysis importer for Ghidra.
☆64 Dec 2, 2020 Updated 5 years ago
Alternatives and similar repositories for CapaExplorer
Users that are interested in CapaExplorer are comparing it to the libraries listed below
- ☆73 Sep 4, 2023 Updated 2 years ago
- Import DynamoRIO drcov code coverage data into Ghidra ☆44 Dec 21, 2023 Updated 2 years ago
- GhidraQuark bridges Quark Engine into Ghidra ☆39 Mar 9, 2021 Updated 5 years ago
- ☆16 Apr 30, 2024 Updated last year
- UNMAINTAINED: I am now developing and using https://github.com/GhidraJupyter/ghidra-jupyter-kotlin instead, PRs still welcome ☆16 May 6, 2020 Updated 5 years ago
- Function ID for Malware Analysis ☆13 Jul 6, 2020 Updated 5 years ago
- Generates YARA rules to detect malware using API hashing ☆17 Mar 16, 2021 Updated 5 years ago
- My own diary notes. Adding the commands, tools, techniques, and resources that I will not memorize. ☆15 Jul 5, 2023 Updated 2 years ago
- Anything related to Ghidra ☆12 Apr 22, 2019 Updated 6 years ago
- My collection of scripts for Ghidra (https://github.com/NationalSecurityAgency/ghidra) ☆10 Sep 13, 2020 Updated 5 years ago
- ☆12 Jun 20, 2020 Updated 5 years ago
- ☆76 Nov 30, 2023 Updated 2 years ago
- Ghidra scripts for malware analysis ☆102 Jan 11, 2024 Updated 2 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing ☆24 May 29, 2023 Updated 2 years ago
- Generating YARA rules based on binary code ☆221 Oct 7, 2021 Updated 4 years ago
- bunch of random stuff ☆21 Apr 11, 2020 Updated 5 years ago
- ☆64 Apr 1, 2021 Updated 4 years ago
- Extract annotations from Ghidra into an X32/X64 dbg database ☆57 Feb 24, 2021 Updated 5 years ago
- Ghidra Extension to integrate BinDiff for function matching ☆288 Nov 2, 2025 Updated 4 months ago
- A collection of open source threat detection rules created by Cyber Castle's team. ☆14 Jun 2, 2022 Updated 3 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework. ☆58 May 24, 2021 Updated 4 years ago
- Source Code of MSIL Ransom ☆14 Feb 11, 2023 Updated 3 years ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added). ☆29 Jun 14, 2022 Updated 3 years ago
- A Dockerized Ghidra Server ☆15 Jan 9, 2021 Updated 5 years ago
- Ghidra plugin for https://analyze.intezer.com ☆72 Oct 23, 2022 Updated 3 years ago
- The following repository contains a modified version of SUNBURST with cracked hashes, comments and annotations. ☆56 Dec 23, 2020 Updated 5 years ago
- Automatic YARA rule generation for Malpedia ☆168 Sep 8, 2022 Updated 3 years ago
- IDARay is an IDA Pro plugin that matches the database against multiple YARA files which themselves may contain multiple rules. ☆18 Nov 16, 2018 Updated 7 years ago
- Yara rules ☆22 Mar 27, 2023 Updated 2 years ago
- Automatic generation of YARA rules from sample files. ☆28 Apr 10, 2025 Updated 11 months ago
- A ready-made template for a project based on libpeconv. ☆52 Oct 31, 2025 Updated 4 months ago
- A python script developed to process Windows memory images based on triage type. ☆266 Nov 25, 2023 Updated 2 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents. ☆27 Dec 14, 2021 Updated 4 years ago
- Official VirusTotal plugin for IDA Pro ☆181 Feb 4, 2026 Updated last month
- The Multiplatform Linux Sandbox ☆16 Dec 19, 2023 Updated 2 years ago
- ☆15 Jun 5, 2019 Updated 6 years ago
- IDA Pro's FindCrypt ported to Ghidra, with an updated and customizable signature database ☆547 Jun 25, 2023 Updated 2 years ago
- Hacky scripts to fixup stack strings in Ghidra's decompiler. ☆36 May 22, 2022 Updated 3 years ago
- Auxiliary scripts for Incident Response with ELK ☆11 Oct 7, 2015 Updated 10 years ago