functure

functure's Stars

• hfiref0x/UACME

  Defeating Windows User Account Control

  Language:C6.5k2791191.3k

• microsoft/Detours

  Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

  Language:C++5.4k1711651k

• lief-project/LIEF

  LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

  Language:C++4.6k131836640

• InQuest/awesome-yara

  A curated list of awesome YARA rules, tools, and people.

  3.7k17615497

• lifting-bits/mcsema

  Framework for lifting x86, amd64, aarch64, sparc32, and sparc64 program binaries to LLVM bitcode

  Language:C++2.7k113439341

• BinaryAnalysisPlatform/bap

  Binary Analysis Platform

  Language:OCaml2.1k92494274

• mstorsjo/llvm-mingw

  An LLVM/Clang/LLD based mingw-w64 toolchain

  Language:C2.1k48411195

• eset/malware-ioc

  Indicators of Compromises (IOC) of our various investigations

  Language:YARA1.7k22414267

• Neo23x0/yarGen

  yarGen is a generator for YARA rules

  Language:Python1.6k9034283

• andrivet/ADVobfuscator

  Obfuscation library based on C++11/14 and metaprogramming

  Language:C++1.4k6731241

• GoSecure/malboxes

  Builds malware analysis Windows VMs so that you don't have to.

  Language:Python1k6881134

• ctxis/CAPE

  Malware Configuration And Payload Extraction

  Language:Python74870108151

• unipacker/unipacker

  Automatic and platform-independent unpacker for Windows binaries based on emulation

  Language:Python675334883

• mitre/multiscanner

  Modular file scanning/analysis framework

  Language:Python6196075125

• InQuest/iocextract

  Defanged Indicator of Compromise (IOC) Extractor.

  Language:Python517285291

• FiligranHQ/zotprime

  Full packaged on-premise Zotero platform

  Language:PHP333162060

• dchad/malware-detection

  Malware Detection and Classification Using Machine Learning

  Language:Jupyter Notebook332253132

• cuckoosandbox/community

  Repository of modules and signatures contributed by the community

  Language:Python3246086173

• therealdreg/anticuckoo

  A tool to detect and crash Cuckoo Sandbox

  Language:C28937161

• therealdreg/DbgChild

  Debug Child Process Tool (auto attach)

  Language:C27821736

• PayloadSecurity/VxAPI

  A generic interface and CLI for all endpoints of the Falcon Sandbox API

  Language:Python212332859

• doomedraven/Tools

  Combination of different utilities, have fun!

  Language:Python207176895

• koemeet/rtti-obfuscator

  Obfuscates all RTTI (Run-time type information) inside a binary

  Language:C++1918140

• yazhiwang/ollvm-tll

  Ollvm+Armariris+LLVM 6.0.0

  Language:C++1684854

• roachspray/opcde2017

  Slides and very basic examples

  Language:C++11113120

• urwithajit9/ClaMP

  A Malware classifier dataset built with header fields’ values of Portable Executable files

  Language:YARA906528

• ocatak-zz/malware_api_class

  Malware dataset for security researchers, data scientists. Public malware dataset generated by Cuckoo Sandbox based on Windows OS API calls analysis for cyber security researchers

  Language:Python812223

• nihilboy/anti

  Automated Integration of anti-Reversing methods in PE executables

  Language:C++485119

• deadbits/yara-rules

  Collection of YARA signatures from individual research

  Language:YARA42859

• juju4/ansible-cuckoo-sandbox

  Cuckoo sandbox ansible role

  Language:Jinja16213