Marius Genheimer (f0wl)

f0wl

Company: SECUINFRA Falcon Team

Home Page: https://dissectingmalwa.re

Twitter: @f0wlsec

Organizations: SIFalcon

Marius Genheimer's starred repositories

Triton

Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.

Language: C++ | License: Apache-2.0 | Stargazers: 3299 | Issues: 132 | Issues: 930

chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

Language: Rust | License: GPL-3.0 | Stargazers: 2540 | Issues: 49 | Issues: 86

hayabusa

Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Language: Rust | License: GPL-3.0 | Stargazers: 1919 | Issues: 40 | Issues: 581

rekall

Rekall Memory Forensic Framework

Language: Python | License: GPL-2.0 | Stargazers: 1896 | Issues: 169 | Issues: 0

bkcrack

Crack legacy zip encryption with Biham and Kocher's known plaintext attack.

Language: C++ | License: Zlib | Stargazers: 1387 | Issues: 22 | Issues: 99

osintui

OSINT from your favorite services in a friendly terminal user interface, with integrations for VirusTotal, Shodan, and Censys

Language: Rust | License: MIT | Stargazers: 955 | Issues: 11 | Issues: 17

ntlm_theft

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

Language: Python | License: GPL-3.0 | Stargazers: 861 | Issues: 28 | Issues: 3

dirble

Fast directory scanning and scraping tool

Language: Rust | License: GPL-3.0 | Stargazers: 604 | Issues: 18 | Issues: 28

JADXecute

JADX-gui scripting plugin for dynamic decompiler manipulation

bitscout

Remote forensics meta tool

Language: Shell | License: GPL-2.0 | Stargazers: 436 | Issues: 49 | Issues: 34

sharem

SHAREM is a shellcode analysis framework capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also contains its own custom disassembler with many innovative features, such as showing the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.

Language: Python | License: GPL-3.0 | Stargazers: 311 | Issues: 12 | Issues: 7

evil-mhyprot-cli

A PoC for the vulnerable Mhyprot2.sys driver, which allows reading and writing kernel and user memory from an unprivileged user process.

Language: C++ | License: MIT | Stargazers: 300 | Issues: 11 | Issues: 8

DotDumper

An automatic unpacker and logger for files targeting the .NET Framework

Language: C# | License: NOASSERTION | Stargazers: 235 | Issues: 11 | Issues: 1

pandora

Pandora is an analysis framework that determines whether a file is suspicious and conveniently shows the results

Language: Python | License: AGPL-3.0 | Stargazers: 234 | Issues: 9 | Issues: 123

PsyloDbg

User-friendly Microsoft Windows Debugger for Malware Analysts.

Language: Pascal | License: Apache-2.0 | Stargazers: 189 | Issues: 14 | Issues: 4

VISION-ProcMon

A Process Monitor visualization application written in Rust.

quokka

Quokka: A Fast and Accurate Binary Exporter

Language: C++ | License: Apache-2.0 | Stargazers: 161 | Issues: 10 | Issues: 5

yaralyzer

Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.

Language: Python | License: GPL-3.0 | Stargazers: 100 | Issues: 2 | Issues: 0

yxd

yxd - Yuu's heX Dumper

Language: Python | License: 0BSD | Stargazers: 87 | Issues: 6 | Issues: 0

yari

YARI is an interactive debugger for YARA Language.

Language: Rust | License: MIT | Stargazers: 85 | Issues: 4 | Issues: 7

Language: Python | License: BSD-3-Clause | Stargazers: 81 | Issues: 4 | Issues: 1

2024

Rules shared by the community from 100 Days of YARA 2024

Language: YARA | License: MIT | Stargazers: 68 | Issues: 3 | Issues: 0

apkingo

Extract information from APK files

Language: Go | License: Apache-2.0 | Stargazers: 66 | Issues: 2 | Issues: 1

HiveV5_keystream_decryptor

bad stuffs by bad guys

Language: C++ | Stargazers: 46 | Issues: 0 | Issues: 0

pecoret

A Pentest Collaboration and Reporting Tool

Language: Python | License: GPL-3.0 | Stargazers: 29 | Issues: 0 | Issues: 0

TimeDateStamp

Discover TimeDateStamp values in PE files

Language: C++ | Stargazers: 16 | Issues: 4 | Issues: 0

Language: Python | Stargazers: 11 | Issues: 0 | Issues: 0

100daysOfYaraForOT

Operational Technology related YARA rules for the 2024 #100daysofYARA challenge. #OT #ICS #SCADA

Language: YARA | Stargazers: 5 | Issues: 0 | Issues: 0

zeek-exfil-detect

This Zeek package makes it possible to detect exfiltration through statistical analysis methods.

Language: Zeek | License: BSD-3-Clause | Stargazers: 4 | Issues: 0 | Issues: 0