Starred repositories
Automated Yara Rule generation using Biclustering
SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.
A headless, extendable, multi-session, IDA Pro MCP framework.
This repository offers open-source C++ SDK bindings for IDA, enabling custom plugin development and automation.
Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
DiffRays is a research-oriented tool for binary patch diffing, designed to aid in vulnerability research, exploit development, and reverse engineering.
Memory introspection and reverse engineering hypervisor that leverages Hyper-V
A tool which is used to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.
A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor lookup of approximate matching hashes
Binary Ninja plugin to analyze and simplify obfuscated code
Obfuscator-llvm Control Flow Flattening Deobfuscator
CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taking, automated data linking, interactive visualizations, and …
Python tool to resolve all strings in Go binaries obfuscated by garble
ZMQ and Messagepack Powered Remote Automation Plugin for x64dbg
DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, fi…
Open Adversarial Exposure Validation Platform
Demoting PPL anti-malware services to less than a guest user
Deobfuscation library for PoisonPlug.SHADOW's ScatterBrain obfuscator