MANDIANT's repositories
commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
flare-fakenet-ng
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
Ghidrathon
The FLARE team's open-source extension to add Python 3 scripting to Ghidra.
capa-rules
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
GeoLogonalyzer
GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.
VM-Packages
Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
gocrack-ui
The User Interface for GoCrack
gootloader
Collection of scripts used to deobfuscate GOOTLOADER malware samples.
capa-testfiles
Data to test capa's code and rules.
flare-gsoc-2024
Supporting resources and documentation for FLARE @ Google Summer of Code 2024
flare-floss-testfiles
Resources for testing FLOSS by the FLARE team.