alexander-hanel's Stars
BishopFox/sliver
Adversary Emulation Framework
NotPrab/.NET-Deobfuscator
Lists of .NET Deobfuscator and Unpacker (Open Source)
JuliaPoo/Artfuscator
A C compiler targeting an artistically pleasing nightmare for reverse engineers
vitoplantamura/BugChecker
SoftICE-like kernel debugger for Windows 11
felixge/fgtrace
fgtrace is an experimental profiler/tracer that captures wallclock timelines for each goroutine. It's very similar to the Chrome profiler.
JLospinoso/gargoyle
A memory scanning evasion technique
eset/ipyida
IPython console integration for IDA Pro
mandiant/SilkETW
hugsy/defcon_27_windbg_workshop
DEFCON 27 workshop - Modern Debugging with WinDbg Preview
byt3bl33d3r/OffensiveDLR
Toolbox containing research notes & PoC code for weaponizing .NET's DLR
trustedsec/COFFLoader
RPISEC/llvm-deobfuscator
pbiernat/ripr
Package Binary Code as a Python class using Binary Ninja and Unicorn Engine
CheckPointSW/Evasions
Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
advanced-threat-research/DotDumper
An automatic unpacker and logger for DotNet Framework targeting files
UofT-EcoSystem/CSCD70
CSCD70 Compiler Optimization
thebabush/dumb-obfuscator
Tutorial on how to write the dumbest obfuscator I could think of.
williballenthin/lancelot
intel x86(-64) code analysis library that reconstructs control flow
microsoft/CLRInstrumentationEngine
The CLR Instrumentation Engine is a cooperation profiler that allows running multiple profiling extensions in the same process.
thebabush/nampa
Nampa - FLIRT for (binary) ninjas
danielplohmann/mcrit
The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash algorithm in the context of code similarity.
CheckPointSW/Anti-Debug-DB
Anti-Debug encyclopedia contains methods used by malware to verify if they are executed under debugging. It includes the description of various anti-debug tricks, their implementation, and recommendations of how to mitigate each trick.
sha0coder/libscemu
SCEMU, the crates.io lib: an x86 CPU and systems emulator focused mainly on anti-malware
woanware/etw-event-dumper
yellowbyte/opaque-predicates-detective
An approach to detect opaque predicates by identifying the damage caused by the obfuscation.
deadeert/EWS
Emulation Wrapper Solution is an IDA Pro plugin that brings emulator capacities to provide features such as debugging and mocking.
Mr-Malomz/mux-mongo-api
tmr232/goat
GO Approximation of Typer
goldshtn/clrmd
Microsoft.Diagnostics.Runtime is a set of APIs for introspecting processes and dumps.
The-Cooper-Union-CS102/Lesson-3-Control-Flow