a-alecs's starred repositories

windows-api-function-cheatsheets

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.

Stargazers: 549

auto-enum

IDA Plugin to automatically identify and set enums for standard functions

Language: Python | Stargazers: 290

Conferences

Conference presentation slides

Stargazers: 1405

defender-dump

Dump quarantined files from Windows Defender

Language: Python | Stargazers: 47

allthingsida

Repository for the code snippets from the AllThingsIDA video channel

Language: C++ | License: NOASSERTION | Stargazers: 77

forensictools

Collection of forensic tools

Language: Inno Setup | License: Apache-2.0 | Stargazers: 500

IntelOwl

IntelOwl: manage your Threat Intelligence at scale

Language: Python | License: AGPL-3.0 | Stargazers: 3673

learning-reverse-engineering

This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.

Language: C | Stargazers: 479

learning-malware-analysis

This repository contains sample programs that mimic behaviour found in real-world malware. The goal is to provide source code that can be compiled and used for learning, without having to handle live malware.

Language: C | Stargazers: 581

ELFEN

ELFEN: Automated Linux Malware Analysis Sandbox

Language: Python | License: GPL-3.0 | Stargazers: 114

PSBits

Simple (relatively) things allowing you to dig a bit deeper than usual.

Language: C | License: Unlicense | Stargazers: 3135

static-binaries

Various *nix tools built as statically-linked binaries

Language: Shell | License: NOASSERTION | Stargazers: 3089
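Before dropping a "static" tool onto a compromised host you want to confirm it really has no loader or shared-library dependency, because a dynamically linked copy will fail (or, worse, load a trojaned library) on the target. The following is an added example, not code from the static-binaries project: it parses the ELF program headers directly and classifies an image as dynamic (has PT_INTERP), static-pie (PT_DYNAMIC but no interpreter) or fully static. The ELF images it checks are constructed inline by a hypothetical `build_elf64` helper so that it runs offline; the header layouts are the standard Elf32/Elf64 definitions.

```python
import struct
import sys

PT_LOAD = 1
PT_DYNAMIC = 2
PT_INTERP = 3


def elf_program_headers(data: bytes):
    """Yield (p_type, p_offset, p_filesz) for every program header in an ELF image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]
    end = "<" if ei_data == 1 else ">"          # ELFDATA2LSB vs ELFDATA2MSB
    if ei_class == 2:                            # ELFCLASS64
        (e_phoff,) = struct.unpack_from(end + "Q", data, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x36)
        # Elf64_Phdr: p_type, p_flags, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_align
        fmt = end + "IIQQQQQQ"
        pick = lambda f: (f[0], f[2], f[5])
    elif ei_class == 1:                          # ELFCLASS32
        (e_phoff,) = struct.unpack_from(end + "I", data, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x2A)
        # Elf32_Phdr: p_type, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_flags, p_align
        fmt = end + "IIIIIIII"
        pick = lambda f: (f[0], f[1], f[4])
    else:
        raise ValueError("unknown ELF class %d" % ei_class)
    if e_phentsize < struct.calcsize(fmt):
        raise ValueError("program header entry too small")
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + e_phentsize > len(data):
            raise ValueError("truncated program header table")
        yield pick(struct.unpack_from(fmt, data, off))


def elf_interpreter(data: bytes):
    """Return the PT_INTERP path (the dynamic loader the kernel will run), or None."""
    for p_type, off, size in elf_program_headers(data):
        if p_type == PT_INTERP:
            return data[off:off + size].rstrip(b"\0").decode("ascii", "replace")
    return None


def classify_elf(data: bytes) -> str:
    types = {p_type for p_type, _, _ in elf_program_headers(data)}
    if PT_INTERP in types:
        return "dynamic"      # needs ld.so and the host's shared libraries
    if PT_DYNAMIC in types:
        return "static-pie"   # self-relocating, still needs no loader or libraries
    return "static"


def build_elf64(segments):
    """Construct a minimal little-endian x86-64 ELF image (constructed test input,
    not a real binary). segments: list of (p_type, payload_bytes)."""
    phnum = len(segments)
    phoff = 64
    data_off = phoff + 56 * phnum
    ehdr = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\0" * 8
    ehdr += struct.pack("<HHIQQQIHHHHHH", 2, 0x3E, 1, 0, phoff, 0, 0, 64, 56, phnum, 0, 0, 0)
    phdrs = b""
    payload = b""
    for p_type, blob in segments:
        off = data_off + len(payload)
        phdrs += struct.pack("<IIQQQQQQ", p_type, 4, off, 0, 0, len(blob), len(blob), 1)
        payload += blob
    return ehdr + phdrs + payload


if __name__ == "__main__":
    # Classify real files given on the command line, or the constructed samples otherwise.
    if len(sys.argv) > 1:
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                blob = fh.read()
            print(path, classify_elf(blob), elf_interpreter(blob) or "")
    else:
        samples = {
            "dynamic": build_elf64([(PT_INTERP, b"/lib64/ld-linux-x86-64.so.2\0"), (PT_DYNAMIC, b"")]),
            "static-pie": build_elf64([(PT_LOAD, b"\x90"), (PT_DYNAMIC, b"")]),
            "static": build_elf64([(PT_LOAD, b"\x90")]),
        }
        for name, blob in samples.items():
            print(name, "->", classify_elf(blob))
```

Run it as `python3 elfcheck.py /path/to/tool` on a candidate binary. A result of `dynamic` with an interpreter path is the case to reject; `static-pie` is what modern musl-based static toolchains often produce and is fine to drop on a host.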

FullBypass

A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.

Language: C# | License: GPL-3.0 | Stargazers: 620

magika

Detect file content types with deep learning

Language: Rust | License: Apache-2.0 | Stargazers: 7666

xcyclopedia

Encyclopedia for Executables

Language: PowerShell | License: MIT | Stargazers: 406

Raccine

A Simple Ransomware Vaccine

Language: C++ | License: Unlicense | Stargazers: 943

binexport

Export disassemblies into Protocol Buffers

Language: C++ | License: Apache-2.0 | Stargazers: 1013

bincat

Binary code static analyser with IDA integration. Performs value and taint analysis, type reconstruction, and use-after-free and double-free detection.

Language: OCaml | Stargazers: 1654

batch-ida

A Python library for generating IDA Pro database files (*.idb/*.i64) in batch mode and comparing executables with BinDiff in batch mode.

Language: Python | License: MIT | Stargazers: 10

de4py

Toolkit for Python reverse engineering.

Language: Python | License: GPL-3.0 | Stargazers: 837

Nauz-File-Detector

Linker/compiler/tool detector for Windows, Linux and macOS.

Language: C++ | License: MIT | Stargazers: 513

2024

Rules shared by the community from 100 Days of YARA 2024

Language: YARA | License: MIT | Stargazers: 74

100daysofYARA2024

Rules shared by the community from 100 Days of YARA 2024

Language: YARA | License: MIT | Stargazers: 8

awesome-edr-bypass

Awesome EDR Bypass Resources For Ethical Hacking

Stargazers: 864

windows-driver-docs

The official Windows Driver Kit documentation sources

Language: PowerShell | License: CC-BY-4.0 | Stargazers: 2

SymStore

The history of Windows Internals via symbols.

Language: C | Stargazers: 174

yara-forge

Automated YARA Rule Standardization and Quality Assurance Tool

Language: Python | License: GPL-3.0 | Stargazers: 147

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Language: C | License: Apache-2.0 | Stargazers: 1640

UnpacMe-IDA-Byte-Search

UnpacMe IDA Byte Search

Language: Python | License: BSD-3-Clause | Stargazers: 25