sysenter-eip / VBParser
☆16 Updated this week
Related projects:
- analysis of visual basic code ☆39 Updated 6 years ago
- Runtime tracer for the vb6 virtual machine ☆51 Updated 6 years ago
- Transfer EIP control to shellcode during malware analysis investigation ☆73 Updated 9 years ago
- TA505 unpacker Python 2.7 ☆45 Updated 4 years ago
- ☆66 Updated last year
- Use this library to automatically extract PE files compressed with aplib from a binary blob. ☆32 Updated 5 years ago
- ☆41 Updated 6 years ago
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks ☆57 Updated 3 years ago
- Parsers for custom malware formats ("Funky malware formats") ☆92 Updated 2 years ago
- ☆21 Updated 3 years ago
- Various Yara signatures (possibly to be included in a release later). ☆83 Updated 5 years ago
- ☆46 Updated this week
- Handy scripts to speed up malware analysis ☆35 Updated 11 months ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis ☆83 Updated 2 years ago
- IDAPython scripts ☆15 Updated 7 years ago
- Windows link file (shortcuts) examiner ☆65 Updated 3 months ago
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio. ☆30 Updated 3 months ago
- Extract GUIDs from .NET assemblies ☆21 Updated 8 years ago
- BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified… ☆72 Updated 2 years ago
- ☆64 Updated this week
- MALM: Malware Monitor ☆44 Updated 11 years ago
- Plugin for x64dbg to generate Yara rules from function basic blocks. ☆34 Updated 7 years ago
- Modified edition of cuckoomon ☆48 Updated 6 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, … ☆16 Updated 7 years ago
- CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to i… ☆33 Updated 8 years ago
- Capture BAT is a behavioral analysis tool of applications for the Win32 operating system family. ☆29 Updated 11 years ago
- ANBU (Automatic New Binary Unpacker) a tool for me to learn about PIN and about algorithms for generic unpacking. ☆88 Updated 5 years ago
- Tools for inspecting YARA bytecode ☆15 Updated 4 years ago
- ☆35 Updated this week
- Go Lang Portable Executable Parser ☆37 Updated 3 years ago