sophoslabs / emotet_unflatten_poc
Modified Python version of Rolf Rolles' https://github.com/RolfRolles/HexRaysDeob to unflatten Emotet's Control Flow Flattening
☆27May 5, 2022Updated 3 years ago
Alternatives and similar repositories for emotet_unflatten_poc
Users that are interested in emotet_unflatten_poc are comparing it to the libraries listed below
- HexRaysPyTools merged! (@NyaMisty @oopsmishap @Tim-Sobolev @OrbitOn-line)☆15Dec 15, 2025Updated 2 months ago
- Control-flow-flattening and string deobfuscator☆160Nov 8, 2021Updated 4 years ago
- Use angr to remove OLLVM's bogus control flow☆14Mar 20, 2021Updated 4 years ago
- Fork of https://gitlab.com/eshard/d810 with reference articles and test samples added, kept as a backup.☆16Nov 18, 2021Updated 4 years ago
- ☆20Mar 13, 2018Updated 7 years ago
- A small utility to scan process memory and search patterns using frida with a single line of command☆22Aug 4, 2021Updated 4 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆17Oct 8, 2016Updated 9 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- IDA Pro plug-in to fix/extract/view RTTI information☆11Jan 23, 2018Updated 8 years ago
- Simple POC of Voice C2 using Speech Recognition☆13Apr 27, 2022Updated 3 years ago
- code obfuscation via control flow flattening☆13Jan 5, 2018Updated 8 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- Trace function calls using lldb☆13Jul 5, 2021Updated 4 years ago
- iPhone AppStore Tweak, iOS 9 and iOS 10 SSLWrite, SSLRead, MGCopyAnswer hook, Theos tweaks development.☆12Apr 21, 2019Updated 6 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 7 months ago
- The future home for a library able to parse in memory lot of complex structures from common shared libs and syscalls☆15Apr 4, 2023Updated 2 years ago
- This experimental fuzzer is meant to be used for API in-memory fuzzing on Android.☆17Nov 26, 2019Updated 6 years ago
- An IDA plugin which demangles Rust function names☆35Dec 11, 2023Updated 2 years ago
- bypass pairip, bypass google play protect with pairipcore, bypass google play protect with warning dialog, bypass Play Protect, crack Google hardening, repair APK, prevent crashes, remove Google…☆27Jan 2, 2026Updated last month
- 010 template for apfs☆26Feb 26, 2021Updated 4 years ago
- Hex-Rays microcode API plugin for breaking an obfuscating compiler☆84Jun 29, 2019Updated 6 years ago
- A Multi-Threaded PE Export Collection Utility☆14May 13, 2023Updated 2 years ago
- libapp.so analysis assistant☆17Jan 4, 2023Updated 3 years ago
- ☆15Oct 31, 2022Updated 3 years ago
- A debugger backend for IDA Pro built on top of Intel's PIN framework☆35Feb 17, 2024Updated 2 years ago
- A simple example of using Windows Hypervisor Platform (WHP)☆12Dec 18, 2020Updated 5 years ago
- ☆14Feb 19, 2021Updated 4 years ago
- ☆12May 30, 2022Updated 3 years ago
- An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.☆22Feb 21, 2024Updated last year
- IDAPatternSearch adds a capability of finding functions according to bit-patterns into the well-known IDA Pro disassembler based on Ghidr…☆66Sep 14, 2021Updated 4 years ago
- an attempt to intercept syscalls for iOS applications that is unfinished and works only partially☆15May 3, 2020Updated 5 years ago
- Run C code converted from wasm; code example☆14Sep 7, 2018Updated 7 years ago
- substrate framework for android based on frida☆17May 15, 2020Updated 5 years ago
- Lua bindings for the Unicorn CPU emulation engine☆18Jan 31, 2026Updated 2 weeks ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆12Oct 1, 2022Updated 3 years ago
- Binary Ninja script to decrypt strings in Mirai samples☆21Jun 30, 2021Updated 4 years ago
- tprt ollvm deobfuscation, modifying binja IL☆50Sep 5, 2024Updated last year
- ☆429May 16, 2021Updated 4 years ago
- Python3 script which decrypts files encrypted by flawed Cl0p ELF variant.☆17Feb 6, 2023Updated 3 years ago