Starred repositories
Leo Hypervisor. ARM64 Hypervisor on Raspberry Pi 4 machine.
IDA script to parse RTTI information in executable.
Collection of YARA rules designed for usage through VirusTotal.com.
Extract AutoIt scripts embedded in PE binaries
DelphiHelper is a python IDA Pro plugin aiming to help the analysis of x86/x86_64 binaries written in Delphi programming language.
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
A Qt-based CyberChef interface designed for malware analysis workflows, particularly in IDA Pro
Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
Find JNI function signatures in APK and apply to reverse-engineering tools.
hvpp is a lightweight Intel x64/VT-x hypervisor written in C++ focused primarily on virtualization of already running operating system
✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML, CSV and more, into interactive graphs.
pefile is a Python module to read and work with PE (Portable Executable) files
Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
A Coverage Explorer for Reverse Engineers
The research UEFI hypervisor that supports booting an operating system.
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
A Intel hypervisor for reverse engineering and system study - Abandoned
This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.
Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool
Tiny cute emulator plugin for IDA based on unicorn.