syreal17 / CardinalLinks
Similarity Analysis to Defeat Malware Compiler Variations
☆25Updated 7 years ago
Alternatives and similar repositories for Cardinal
Users that are interested in Cardinal are comparing it to the libraries listed below
Sorting:
- Automated Memory Analysis (Black Hat Arsenal 2014)☆32Updated 11 years ago
- Simple shellcode decoder using unicorn-engine☆99Updated 9 years ago
- Haskell parser for the REIL intermediate language (currently a work-in-progress)☆11Updated 7 years ago
- Memory forensics of virtualization environments☆47Updated 10 years ago
- Binary Analysis Platform☆74Updated 11 years ago
- Triton based R2 plugin for concolic execution and total control☆33Updated 6 years ago
- Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis☆41Updated 8 years ago
- Automatic collect firmwares from internet,decompress,find binary code,extract info,file relation and function relation☆40Updated 8 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆144Updated 9 years ago
- ☆14Updated 9 years ago
- ksfinder - Retrieve exported kernel symbols from physical memory dumps☆44Updated 8 years ago
- vstruct based dissectors for various file/protocol formats☆15Updated 8 years ago
- A system to record malware using PANDA☆44Updated 6 years ago
- A Toolkit to assist with the investigation of Sandboxing software☆49Updated 9 years ago
- Some tutorials and examples for generic unpacking JAVA, .NET and x86/x64 code☆51Updated 9 years ago
- Download all of Microsoft's security updates and symbols☆42Updated 9 years ago
- simple plugin to detect shellcode on Bro IDS with Unicorn☆33Updated 8 years ago
- Synesthesia, implemented as Yices scripts☆94Updated 8 years ago
- Dynamic binary translation framework for instrumenting x86-64 user space Linux programs☆39Updated 7 years ago
- Creating function call graphs based on radare2 framwork, plot fancy graphs and extract behavior indicators☆86Updated 8 years ago
- A pure-python win32 debugger interface.☆28Updated 9 years ago
- Distributing the REconstruction of High-Level IR for Large Scale Malware Analysis☆66Updated 9 years ago
- Augmenting Static Analysis Using Pintool: Ablation☆39Updated 9 years ago
- Bit9 + Carbon Black Threat Intelligence☆81Updated 9 years ago
- ☆34Updated 8 years ago
- Slides and very basic examples☆112Updated 8 years ago
- Nosy Newt is a simple concolic execution tool for exploring the input space of a binary executable program based in Triton☆62Updated 8 years ago
- Official QEMU mirror. Please see http://wiki.qemu.org/Contribute/SubmitAPatch for how to submit changes to QEMU. Pull Requests are ignore…☆25Updated 9 years ago
- Malware Fragmentation Tool its a tool that simply fragment the PE file and it can disassemble the PE file, etc this tool very useful for…☆37Updated 9 years ago
- IDATACO IDA Pro Plugin☆47Updated 9 years ago