Beast code in Giters

MANDIANT's repositories

flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Language:PowerShellApache-2.07967 201 550

commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

Language:PowerShellApache-2.07398 284 234

capa

The FLARE team's open-source tool to identify capabilities in executable files.

Language:PythonApache-2.05641 84 1081

flare-floss

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Language:PythonApache-2.03766 126 495

flare-ida

IDA Pro utilities from FLARE team

Language:PythonApache-2.02403 149 57

flare-fakenet-ng

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Language:PythonApache-2.02025 112 111

speakeasy

Windows kernel and user mode emulation.

Language:PythonMIT1781 57 83

gocrack

GoCrack is a management frontend for password cracking tools written in Go

Language:GoMIT1252 55 44

flare-emu

Language:PythonApache-2.0897 37 21

GoReSym

Go symbol recovery tool

Language:GoMIT842 11 40

stringsifter

A machine learning tool that ranks strings based on their relevance for malware analysis.

Language:PythonApache-2.0743 29 22

capa-rules

Standard collection of rules for capa: the tool for enumerating the capabilities of programs

Apache-2.0646 23 359

ADFSpoof

Language:PythonApache-2.0408 8 7

PwnAuth

Language:PythonApache-2.0395 18 5

STrace

A DTrace on Windows Reimplementation

Language:C++MIT358 13 13

xrefer

FLARE Team's Binary Navigator

Language:PythonApache-2.0292 3 17

macos-UnifiedLogs

A cross platform parser for Apple UnifiedLogs!

Language:RustApache-2.0279 14 37

Vulnerability-Disclosures

Language:C++211 27 5

VM-Packages

Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.

Language:PowerShellApache-2.0205 12 589

GeoLogonalyzer

GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.

Language:PythonApache-2.0196 27 8

dncil

The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.

Language:PythonApache-2.0166 9 11

gostringungarbler

Python tool to resolve all strings in Go binaries obfuscated by garble

Language:PythonApache-2.013302

harbinger

Language:PythonApache-2.0132 20

gocrack-ui

The User Interface for GoCrack

Language:VueMIT88 7 1

gootloader

Collection of scripts used to deobfuscate GOOTLOADER malware samples.

Language:PythonApache-2.064 8 3

poisonplug-scatterbrain

Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator

Language:PythonApache-2.064 20

capa-testfiles

Data to test capa's code and rules.

Language:MaxApache-2.046 60

flare-gsoc

Supporting resources and documentation for FLARE @ Google Summer of Code 2025

Apache-2.026 90

shelidate

Language:GoApache-2.011 20

flare-floss-testfiles

Resources for testing FLOSS by the FLARE team.

Language:C7 40