williballenthin

followers

following

stars

@mandiant

http://www.williballenthin.com/

Willi Ballenthin's repositories

python-evtx

Pure Python parser for Windows Event Log files (.evtx)

Language:PythonApache-2.0699 43 73

python-registry

Pure Python parser for Windows Registry hives.

Language:PythonApache-2.0426 38 63

INDXParse

Tool suite for inspecting NTFS artifacts.

Language:PythonApache-2.0211 21 37

shellbags

Cross-platform, open-source shellbag parser

Language:PythonApache-2.0148 16 13

idawilli

IDA Pro resources, scripts, and configurations

Language:PythonApache-2.0112 120

lancelot

intel x86(-64) code analysis library that reconstructs control flow

Language:RustApache-2.094 7 120

python-evt

Pure Python parser for classic Windows Event Log files (.evt)

Language:PythonApache-2.046 6 2

viv-utils

Utilities for working with vivisect

Language:PythonApache-2.020 5 21

wevt_template

extract and parse WEVT_TEMPLATEs from PE files

Language:RustApache-2.017 40

vivisect

please use https://github.com/fireeye/vivisect instead

Language:PythonApache-2.016 30

ucutils

Convenience routines for working with the Unicorn emulator in Python

Language:PythonApache-2.0900

dotfiles

Local configuration files for various Linux tools

Language:Shell5 4 10

ida-graph-exporter

Layout-preserving graph view exporter plugin for IDA Pro

Language:HTMLMIT3 10

flare-floss

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Language:PythonApache-2.02 1 3

williballenthin.com

Source for my personal website

Language:JavaScript2 3 3

zydis-wasm

example project with zydis targetting wasm

Language:Rust2 2 3

Adv360-Pro-ZMK

Production repository for the all-new Advantage360 Professional using ZMK engine

Language:ShellMIT1 10

binaryninja-api

Public API, examples, documentation and issues for Binary Ninja

Language:C++MIT1 10

dnfile

Parse .NET executable files.

Language:PythonMIT1 1 9

virtualbox-kvm

KVM Backend for VirtualBox. With our current development model, we cannot easily accept pull requests here. If you'd like to contribute, feel free to reach out to us, we are happy to find a solution.

GPL-3.0100

arduino-T6A04A

Arduino display driver for the T6A04A monochrome LCD driver used in TI-83 graphing calculators

Language:C++Apache-2.0020

binexport

Export disassemblies into Protocol Buffers

Apache-2.0000

dnfile-testfiles

Test data for dnfile

010

nixpkgs

Nix Packages collection

Language:NixMIT010

textual

Textual is a Rapid Application Development framework for Python. Build sophisticated user interfaces with a simple Python API. Run your apps in the terminal and (coming soon) a web browser!

Language:PythonMIT010

ursadb

Trigram database written in C++, suited for malware indexing

Language:C++BSD-3-Clause010

zycore-c

Internal library providing platform independent types, macros and a fallback for environments without LibC.

Language:CMIT010

zydis

Fast and lightweight x86/x86-64 disassembler and code generation library

Language:CMIT010

zydis-rs

Zydis Rust Bindings (work in progress)

Language:RustMIT000

zydis-rs-issue-29

Language:Rust020