xabiugarte

retdec-idaplugin

IDA plugin for RetDec

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

CAPE

Malware Configuration And Payload Extraction

capstone2llvmir

Library for Capstone instruction to LLVM IR translation

cy2neo

Cy2Neo - Tiny Neo4j Cypher Workbench with D3 Visualization

ddisasm

A fast and accurate disassembler

Detours

Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

Deviare2

Deviare API Hook

faiss

A library for efficient similarity search and clustering of dense vectors.

FIRST

FIRST-plugin-ida

First-radare2-plugin

FIRST-server

functionsimsearch

Some C++ example code to demonstrate how to perform code similarity searches using SimHashing.

Guanciale

:bacon: Grab info needed by Carbonara from executables and disassemblers databases

ida_ipython

An IDA Pro Plugin for embedding an IPython Kernel

IDArling

Collaborative Reverse Engineering plugin for IDA Pro & Hex-Rays

malware_decoders

Static based decoders for malware samples

memscrimper

Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"

pyREtic

pyREtic is an extensible framework for in-memory Python bytecode reverse engineering

pyvmidbg

LibVMI-based debug server, implemented in Python. Building a guest aware, stealth and agentless full-system debugger

r2vmi

Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins

RATDecoders

Python Decoders for Common Remote Access Trojans

retdec

RetDec is a retargetable machine-code decompiler based on LLVM

smda

SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.

TDL

Driver loader for bypassing Windows x64 Driver Signature Enforcement

Virtuailor

IDAPython tool for creating automatic C++ virtual tables in IDA Pro

volatility3

Volatility 3.0 development

xori

binary_function_similarity