tklengyel/drakvuf external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tklengyel/drakvuf

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tklengyel/drakvuf)

Close

tklengyel / drakvufView on GitHubMore

• External links
• Readme badge

DRAKVUF Black-box Binary Analysis

☆1,209Feb 28, 2026Updated last week

Alternatives and similar repositories for drakvuf

Users that are interested in drakvuf are comparing it to the libraries listed below

• CERT-Polska / drakvuf-sandbox

  View on GitHub
  DRAKVUF Sandbox - automated hypervisor-level malware analysis system
  ☆1,269Updated this week
• libvmi / libvmi

  View on GitHub
  The official home of the LibVMI project is at https://github.com/libvmi/libvmi.
  ☆737Jan 4, 2026Updated 2 months ago
• decaf-project / DECAF

  View on GitHub
  DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the D…
  ☆837Nov 19, 2024Updated last year
• panda-re / panda

  View on GitHub
  Platform for Architecture-Neutral Dynamic Analysis
  ☆2,722Feb 14, 2026Updated 3 weeks ago
• thalium / icebox

  View on GitHub
  Virtual Machine Introspection, Tracing & Debugging
  ☆596Feb 22, 2022Updated 4 years ago
• JusticeRage / Manalyze

  View on GitHub
  A static analyzer for PE executables.
  ☆1,107Updated this week
• mandiant / speakeasy

  View on GitHub
  Windows kernel and user mode emulation.
  ☆1,868Updated this week
• JonathanSalwan / Triton

  View on GitHub
  Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software v…
  ☆4,080Dec 2, 2025Updated 3 months ago
• Cisco-Talos / pyrebox

  View on GitHub
  Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU
  ☆1,682Feb 14, 2024Updated 2 years ago
• intel / kernel-fuzzer-for-xen-project

  View on GitHub
  Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL
  ☆473Jul 8, 2024Updated last year
• ayoubfaouzi / al-khaser

  View on GitHub
  Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
  ☆6,868Updated this week
• ctxis / CAPE

  View on GitHub
  Malware Configuration And Payload Extraction
  ☆761Nov 22, 2024Updated last year
• KVM-VMI / kvm-vmi

  View on GitHub
  KVM-based Virtual Machine Introspection
  ☆362Oct 11, 2025Updated 4 months ago
• tandasat / HyperPlatform

  View on GitHub
  Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
  ☆1,728Nov 24, 2023Updated 2 years ago
• cmu-sei / pharos

  View on GitHub
  Automated static analysis tools for binary programs
  ☆1,675Dec 18, 2025Updated 2 months ago
• cea-sec / miasm

  View on GitHub
  Reverse engineering framework in Python
  ☆3,828Jan 26, 2025Updated last year
• hasherezade / pe-sieve

  View on GitHub
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,564Oct 31, 2025Updated 4 months ago
• vivisect / vivisect

  View on GitHub
  ☆987Jan 16, 2026Updated last month
• mandiant / flare-floss

  View on GitHub
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,909Feb 23, 2026Updated last week
• qilingframework / qiling

  View on GitHub
  A True Instrumentable Binary Emulation Framework
  ☆5,827Nov 5, 2025Updated 4 months ago
• unipacker / unipacker

  View on GitHub
  Automatic and platform-independent unpacker for Windows binaries based on emulation
  ☆743Aug 18, 2025Updated 6 months ago
• illera88 / Ponce

  View on GitHub
  IDA 2016 plugin contest winner! Symbolic Execution just one-click away!
  ☆1,615Jun 11, 2025Updated 8 months ago
• changeofpace / VivienneVMM

  View on GitHub
  VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.
  ☆821Sep 7, 2020Updated 5 years ago
• Rurik / Noriben

  View on GitHub
  Noriben - Portable, Simple, Malware Analysis Sandbox
  ☆1,233Aug 7, 2025Updated 7 months ago
• gaasedelen / lighthouse

  View on GitHub
  A Coverage Explorer for Reverse Engineers
  ☆2,505Feb 14, 2026Updated 3 weeks ago
• a0rtega / pafish

  View on GitHub
  Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that…
  ☆3,867Jun 21, 2024Updated last year
• HyperDbg / HyperDbg

  View on GitHub
  State-of-the-art native debugging tools
  ☆3,667Feb 24, 2026Updated last week
• tandasat / DdiMon

  View on GitHub
  Monitoring and controlling kernel API calls with stealth hook using EPT
  ☆1,356Jan 22, 2022Updated 4 years ago
• rieck / malheur

  View on GitHub
  A Tool for Automatic Analysis of Malware Behavior
  ☆373May 8, 2019Updated 6 years ago
• intelpt / WindowsIntelPT

  View on GitHub
  This driver implements the Intel Processor Trace functionality in Intel Skylake architecture for Microsoft Windows
  ☆466Apr 17, 2018Updated 7 years ago
• intel / libipt

  View on GitHub
  libipt - an Intel(R) Processor Trace decoder library
  ☆706Jan 8, 2026Updated last month
• joxeankoret / diaphora

  View on GitHub
  Diaphora, the most advanced Free and Open Source program diffing tool.
  ☆4,191Nov 24, 2024Updated last year
• QBDI / QBDI

  View on GitHub
  A Dynamic Binary Instrumentation framework based on LLVM.
  ☆1,734Feb 20, 2026Updated 2 weeks ago
• kevoreilly / CAPEv2

  View on GitHub
  Malware Configuration And Payload Extraction
  ☆3,031Feb 27, 2026Updated last week
• hasherezade / hollows_hunter

  View on GitHub
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,314Oct 31, 2025Updated 4 months ago
• googleprojectzero / bochspwn-reloaded

  View on GitHub
  A Bochs-based instrumentation performing kernel memory taint tracking to detect disclosure of uninitialized memory to ring 3
  ☆310Feb 24, 2019Updated 7 years ago
• anatolikalysch / VMAttack

  View on GitHub
  VMAttack PlugIn for IDA Pro
  ☆866Nov 30, 2017Updated 8 years ago
• swwwolf / wdbgark

  View on GitHub
  WinDBG Anti-RootKit Extension
  ☆645Jul 29, 2020Updated 5 years ago
• hasherezade / tiny_tracer

  View on GitHub
  A Pin Tool for tracing API calls etc
  ☆1,625Feb 8, 2026Updated 3 weeks ago