struppigel / PortEx
Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
☆504Updated 2 months ago
Alternatives and similar repositories for PortEx:
Users that are interested in PortEx are comparing it to the libraries listed below
- Portable Executable parsing library (from PE-bear)☆657Updated 7 months ago
- A static analyzer for PE executables.☆1,048Updated last year
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,143Updated last year
- ☆961Updated last month
- Binee: binary emulation environment☆514Updated 2 years ago
- Automatic and platform-independent unpacker for Windows binaries based on emulation☆685Updated 6 months ago
- DRAKVUF Black-box Binary Analysis☆1,104Updated this week
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆569Updated last week
- A VBA parser and emulation engine to analyze malicious macros.☆1,079Updated 8 months ago
- Quickly debug shellcode extracted during malware analysis☆595Updated last year
- Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.☆496Updated 10 months ago
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool☆1,878Updated 2 months ago
- Dynamic unpacker based on PE-sieve☆717Updated 2 weeks ago
- Malware Configuration And Payload Extraction☆753Updated 4 months ago
- Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping…☆543Updated 2 months ago
- InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date…☆549Updated 2 years ago
- IDA Pro's FindCrypt ported to Ghidra, with an updated and customizable signature database☆531Updated last year
- Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools☆450Updated 6 years ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆738Updated 6 years ago
- Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js☆465Updated last year
- PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.☆613Updated 2 years ago
- High Octane Triage Analysis☆720Updated this week
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system☆1,115Updated this week
- Windows kernel and user mode emulation.☆1,620Updated last month
- C++ application that uses memory and code hooks to detect packers☆270Updated 7 years ago
- Incident Response & Digital Forensics Debugging Extension☆377Updated 6 years ago
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆248Updated 2 years ago
- Supporting Data Archives for Ghidra☆264Updated 4 years ago
- PE-bear (builds only)☆775Updated last year
- YARA malware query accelerator (web frontend)☆422Updated last week