droe

followers

following

stars

Switzerland

https://daniel.roe.ch/

Daniel Roethlisberger's starred repositories

XMachOViewer

XMachOViewer is a Mach-O viewer for Windows, Linux and MacOS

Language:C++MIT75600

CTI

Random Cyber Threat Intelligence

1700

mcrit

The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash algorithm in the context of code similarity.

Language:PythonGPL-3.08200

pytricia

A library for fast IP address lookup in Python.

Language:CLGPL-3.021300

HookCase

Tool for reverse engineering macOS/OS X

Language:C++71600

siegfried

signature-based file format identification

Language:GoApache-2.021900

zmap

ZMap is a fast single packet network scanner designed for Internet-wide network surveys.

Language:CApache-2.0538300

netmap

Automatically exported from code.google.com/p/netmap

Language:CBSD-2-Clause183000

PongoOS

pongoOS

Language:CNOASSERTION247300

iphone_backup_decrypt

Decrypt an encrypted iOS backup created by iTunes on Windows or MacOS

Language:PythonNOASSERTION24400

whoisit

A Python library to RDAP WHOIS-like services for internet resources such as ASNs, IPs, CIDRs and domains

Language:PythonBSD-3-Clause7000

ipsw

iOS/macOS Research Swiss Army Knife

Language:GoMIT172000

dyn-dns-list

This repository contains a comprehensive list of over 30k dynamic DNS domains as of 2024. The list is provided for informational purposes only and can be used for a variety of purposes, including blocking malicious domains, filtering content, and enhancing privacy and security.

Language:JavaScriptUnlicense7300

ssldump

ssldump - (de-facto repository gathering patches around the cyberspace)

Language:CNOASSERTION23000

stalkerware-indicators

Indicators of stalkerware apps

Language:YARA25200

Crescendo

Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.

Language:SwiftNOASSERTION100100

distorm

Powerful Disassembler Library For x86/AMD64

Language:CNOASSERTION123700

binee

Binee: binary emulation environment

Language:GoGPL-2.049400

apple_bleee

Apple BLE research

Language:PythonGPL-3.0207900

github-do-not-ban-us

GitHub do not ban us from open source world :iran:

Language:JavaScript1178900

plyara

Parse YARA rules and operate over them more easily.

Language:PythonApache-2.017300

what_is_this_c2

For all these times you're asking yourself "what is this panel again?"

MalConfScan

Volatility plugin for extracts configuration data of known malware

Language:PythonNOASSERTION47900

ghidra_scripts

Scripts for the Ghidra software reverse engineering suite.

Language:YARAGPL-3.0100600

ecfs

extended core file snapshot format

Language:C22000

ghidra

Ghidra is a software reverse engineering (SRE) framework

Language:JavaApache-2.04974200

CVE-2018-20250

exp for https://research.checkpoint.com/extracting-code-execution-from-winrar

Language:Python49400

Evil-WinRAR-Gen

Generator of malicious Ace files for WinRAR < 5.70 beta 1

Language:PythonGPL-3.012400

YARA-rules

Some YARA rules i will add from time to time

Language:YARA6000

python-exe-unpacker

A helper script for unpacking and decompiling EXEs compiled from python code.

Language:PythonGPL-3.089000