struppigel / PortEx
Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
☆504Updated 3 weeks ago
Alternatives and similar repositories for PortEx:
Users that are interested in PortEx are comparing it to the libraries listed below
- PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.☆613Updated 2 years ago
- Portable Executable parsing library (from PE-bear)☆658Updated this week
- A static analyzer for PE executables.☆1,057Updated last year
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,149Updated last week
- Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools☆451Updated 6 years ago
- Automatic and platform-independent unpacker for Windows binaries based on emulation☆689Updated 6 months ago
- ☆962Updated 2 weeks ago
- Various snippets created during malware analysis☆459Updated 2 years ago
- Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping…☆543Updated 2 months ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆574Updated last month
- DRAKVUF Black-box Binary Analysis☆1,113Updated this week
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps☆249Updated 2 years ago
- Repository of modules and signatures contributed by the community☆327Updated 2 years ago
- Official repository for Pyew.☆390Updated 5 years ago
- Binee: binary emulation environment☆516Updated 2 years ago
- Dynamic unpacker based on PE-sieve☆725Updated last month
- ☆429Updated last year
- Quickly debug shellcode extracted during malware analysis☆602Updated last year
- C++ application that uses memory and code hooks to detect packers☆270Updated 7 years ago
- Volatility plugins developed and maintained by the community☆359Updated 4 years ago
- Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.☆497Updated 11 months ago
- Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.☆205Updated 11 years ago
- IDA Pro's FindCrypt ported to Ghidra, with an updated and customizable signature database☆532Updated last year
- A tool to detect and crash Cuckoo Sandbox☆293Updated 9 months ago
- A Miasm2 based function divination.☆534Updated 4 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,086Updated 9 months ago
- Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js☆466Updated last year
- An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in gen…☆799Updated last year
- Modified edition of cuckoo☆269Updated 5 years ago
- The new Cuckoo Monitor.☆345Updated 9 months ago