Nhan Huynh's repositories
boxstarter
Repeatable, reboot-resilient Windows environment installations made easy using Chocolatey packages
capa
The FLARE team's open-source tool to identify capabilities in executable files.
capa-rules
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
capstone
Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
FIDL
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
flare-dbg
flare-dbg is a project meant to aid malware reverse engineers in rapidly developing debugger scripts.
flare-fakenet-ng
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
flare-ida
IDA Pro utilities from FLARE team
ghidra
Ghidra is a software reverse engineering (SRE) framework
jitm
JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.
python-idb
Pure Python parser and analyzer for IDA Pro database files (.idb).
qiling
A True Instrumentable Binary Emulation Framework
retdec
RetDec is a retargetable machine-code decompiler based on LLVM.
rvmi
rVMI - A New Paradigm For Full System Analysis
rvmi-qemu
QEMU with rVMI extensions
speakeasy
Windows kernel and user mode emulation.
squid-cache-extractor
Forensic artifact extraction from squid proxy cache and secondary log sources
unicorn
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
zstd
Zstandard - Fast real-time compression algorithm