- Vienna, Austria
- https://twitter.com/xedi25
Stars
Reference implementation of how to handle a NZBLNK-URI.
Unicorn PE is a Unicorn-based instrumentation project designed to emulate code execution for Windows PE files.
Syscall Monitor is a system monitor program (like Sysinternals' Process Monitor) using Intel VT-x/EPT for Windows 7+
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Ghidra is a software reverse engineering (SRE) framework
Python idiomatic SDK for Cortex™ Data Lake.
Scripts for disassembling VBScript p-code in memory to aid in exploit analysis
MultiAV scanner with Python and JSON API. Disclaimer: I don't maintain it any more.
Implements the POP/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS).
pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers
Tiny cute emulator plugin for IDA based on unicorn.
Pure Python parser and analyzer for IDA Pro database files (.idb).
A fork of AFL for fuzzing Windows binaries
IDAtropy is a plugin for Hex-Rays' IDA Pro designed to generate charts of entropy and histograms using the power of IDAPython and matplotlib.
Platform to host Capture the Flag competitions
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
A curated list of awesome reversing resources
Mirror of users section of rootkit.com
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.