user1342 / Monocle
☆114 · Updated this week

Related projects:
- A tool for firmware cartography (☆135 · Updated 6 months ago)
- ☆103 · Updated last month
- Scripts to run within Ghidra, maintained by the Trellix ARC team (☆73 · Updated last month)
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … (☆121 · Updated 2 months ago)
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc… (☆106 · Updated 2 weeks ago)
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! (☆80 · Updated last year)
- PowerShell linter (☆46 · Updated 2 months ago)
- ☆64 · Updated 2 months ago
- A command-line tool for extracting machine-learning-ready data from software binaries, powered by Radare2 (☆51 · Updated last week)
- OffensiveCon 2024 repo, containing PoCs and materials for the talk "UEFI and the Task of the Translator" (☆43 · Updated 3 months ago)
- ☆75 · Updated 3 months ago
- ☆122 · Updated 10 months ago
- ☆70 · Updated 2 months ago
- Get information about stripped Rust executables (☆18 · Updated 2 weeks ago)
- ☆55 · Updated last year
- Use YARA rules on Time Travel Debugging traces (☆86 · Updated last year)
- ☆154 · Updated last month
- ELFEN: Automated Linux Malware Analysis Sandbox (☆115 · Updated 2 months ago)
- aiDAPal is an IDA Pro plugin that uses a locally running LLM that has been fine-tuned for Hex-Rays pseudocode to assist with code analysi… (☆140 · Updated last month)
- Python tool to check for rootkits in the Windows kernel (☆164 · Updated last month)
- A C++ tool for process memory scanning and suspicious telemetry generation that attempts to detect a number of malicious techniques used by… (☆72 · Updated 4 months ago)
- ELF binary forensics tool for APT, virus, backdoor and rootkit detection (☆42 · Updated 5 months ago)
- ☆102 · Updated 2 months ago
- Leveraging patch diffing to discover new vulnerabilities (☆101 · Updated last year)
- FLARE FLOSS applied to all unpacked and dumped samples in Malpedia, pre-processed for further use (☆44 · Updated 6 months ago)
- Repository of YARA rules (☆83 · Updated last week)
- ☆115 · Updated last year
- ☆97 · Updated 10 months ago
- An automation plugin for the Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… (☆105 · Updated 2 months ago)
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files (☆121 · Updated 3 months ago)