Static analysis tool that detects potential ransomware in PE and ELF files through heuristic analysis
☆20Jan 16, 2024Updated 2 years ago
Alternatives and similar repositories for MicroSCOPE
Users that are interested in MicroSCOPE are comparing it to the libraries listed below
Sorting:
- Mixed Boolean Arithmetic Expression Obfuscator☆74Jul 26, 2023Updated 2 years ago
- Curated list of enterprise ransomware defense resources☆14Apr 8, 2022Updated 3 years ago
- Fluently detect security measures in software.☆32Oct 26, 2025Updated 4 months ago
- This repo is created to perform I/O Request Packet (IRP) driven ransomware analysis where the IRP logs were collected during ransomware e…☆11Aug 14, 2020Updated 5 years ago
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆37Oct 11, 2023Updated 2 years ago
- Windows application aiming to preserve cryptographic information used by ransomware operations. If you suspect a ransomware is running on…☆30Jul 6, 2017Updated 8 years ago
- Simplifier vmp ultra☆20Dec 9, 2023Updated 2 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Jun 30, 2023Updated 2 years ago
- x64dbg scripts for finding OEP of packers☆15Oct 22, 2018Updated 7 years ago
- IDA plugin to recover source code from panic information on rust☆17May 9, 2025Updated 9 months ago
- obfuscation that aims to not stand out☆24Mar 27, 2022Updated 3 years ago
- Windows-only Remote Access Tool (RAT) with anti-debugging and anti-sandbox checks. For educational purposes only.☆50Jul 13, 2021Updated 4 years ago
- A Linux/Windows Ransomware PoC written in Python, Go and C☆16Jun 17, 2023Updated 2 years ago
- Simple Application Restore Obfuscated Calls Made By Agile.Net (CilSecure)☆16Jun 28, 2022Updated 3 years ago
- Code Deobfuscator x86_32/64☆52Aug 16, 2022Updated 3 years ago
- x64dbg python3 plugin☆32Jan 4, 2026Updated last month
- Conti Ransomware Source Code☆19Mar 1, 2022Updated 3 years ago
- Source code of the Rensenware ransomware in .NET☆21Jul 24, 2021Updated 4 years ago
- A disassembler☆22May 2, 2022Updated 3 years ago
- ProcessBouncer is a simple but effective tool for blocking malware with a process-based approach. With a little fine-tuning this allows t…☆25Apr 9, 2021Updated 4 years ago
- A devirtualization engine for Themida.☆106Mar 2, 2024Updated last year
- Standalone static version of Triton's x86/x64 translator☆32Mar 28, 2025Updated 10 months ago
- Reversed source code of the Babuk Ransomware Version 1☆20May 3, 2021Updated 4 years ago
- A malware researching repository.☆21Aug 10, 2021Updated 4 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆68Feb 7, 2024Updated 2 years ago
- Curated list of ransomware-related resources; awesome style.☆32Jan 17, 2025Updated last year
- C++ Program used to dump Themida and VMProtect.☆34Dec 13, 2023Updated 2 years ago
- A Binary Ninja plugin to deobfuscate Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆39Jul 28, 2024Updated last year
- This plugin serves as a bridge between Binary Ninja and Ghidra's disassembler.☆36Jun 27, 2022Updated 3 years ago
- ☆34Jan 26, 2024Updated 2 years ago
- Ghidra P-Code emulation and static LLVM lifting in Python☆38Mar 26, 2022Updated 3 years ago
- ProgramCMS is a complete, trustworthy CMS & easy to use PHP Framework to build and deploy All kind of Web Sites. Please note that Program…☆18Apr 30, 2025Updated 10 months ago
- Jupyter Notebook Praktikum Projects. This is repository with data analyst educational projects from Yandex.Praktikum.☆11Feb 21, 2021Updated 5 years ago
- Tools developed by the Zscaler ThreatLabz Threat Intelligence team��☆96Feb 9, 2026Updated 2 weeks ago
- Collaborative malware exchange repository.☆34Nov 21, 2024Updated last year
- Modern C++, range-based Mach-O parser designed for embedded use. Uses stack allocations only.☆34Oct 31, 2022Updated 3 years ago
- C++11 RAII memory patcher and function hooking thing☆35Oct 5, 2016Updated 9 years ago
- conti locker ransomware source code leak☆31Mar 5, 2022Updated 3 years ago
- Example WDF/KMDF driver and test app demonstrating the "inverted call model"☆37May 1, 2020Updated 5 years ago