trendmicro / researchLinks
Resources from Trend Micro Research teams
☆25Updated 9 months ago
Alternatives and similar repositories for research
Users that are interested in research are comparing it to the libraries listed below
Sorting:
- ☆25Updated 10 months ago
- UnpacMe IDA Byte Search☆29Updated last year
- General malware analysis stuff☆37Updated last year
- This repository contains an IDA processor for loading and disassembling compiled yara rules.☆42Updated 8 months ago
- RenameLocalVars is an IDA plugin that renames local variables to something easier to read.☆15Updated 2 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆26Updated 3 years ago
- Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.☆27Updated 3 years ago
- MalUnpack companion driver☆98Updated last year
- IDA Pro plugin for recognizing known hashes of API function names☆81Updated 3 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆72Updated last year
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated 2 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.☆58Updated 4 years ago
- ☆28Updated 2 years ago
- ☆74Updated last year
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Updated 3 years ago
- IDA Python deobfuscation script for ConfuserEx binaries☆35Updated 2 years ago
- Small visualizator for PE files☆69Updated last year
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆116Updated 2 years ago
- A post-processing script for TinyTracer☆37Updated 2 years ago
- Extract data of TTD trace file to a minidump☆30Updated 2 years ago
- Go Lang Portable Executable Parser☆39Updated 4 years ago
- ☆15Updated 2 years ago
- ☆17Updated 3 years ago
- ☆32Updated 3 years ago
- Native Python3 bindings for @horsicq's Detect-It-Easy☆73Updated 3 months ago
- A small tool to unmap PE memory dumps.☆11Updated last year
- IDA plugin to deobfuscate emotet CFF☆18Updated 3 years ago
- An x64dbg plugin which helps make sense of long C++ symbols☆59Updated 2 years ago
- Parse .NET executable files.☆77Updated last week
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆61Updated last year