Pinned Repositories
activemime-format
ActiveMime File Format Documentation
capa
The FLARE team's open-source tool to identify capabilities in executable files.
hollows_hunter
A process scanner detecting and dumping hollowed PE modules.
IRScripts
Incident Response Scripts
OLEPackagerFormat
OLE Package Format Documentation
pftriage
Python tool and library to help analyze files during malware triage and analysis.
stackstack
UnpacMe-IDA-Byte-Search
UnpacMe IDA Byte Search
idiom's Repositories
idiom/pftriage
Python tool and library to help analyze files during malware triage and analysis.
idiom/stackstack
idiom/activemime-format
ActiveMime File Format Documentation
idiom/capa
The FLARE team's open-source tool to identify capabilities in executable files.
idiom/EmerSearch
Search Emercoin NVS records
idiom/SiT
Simple Instruction Tracer
idiom/ABD
Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories
idiom/binlex
A Binary Genetic Traits Lexer Framework
idiom/capa-rules
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
idiom/capstone
Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
idiom/gopep
Go Portable Executable (PE) parser
idiom/LIEF
LIEF - Library to Instrument Executable Formats
idiom/smda
SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
idiom/unicorn
Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, X86)
idiom/vxsig
Automatically generate AV byte signatures from sets of similar binaries.
idiom/Yara-detection-rules
Yara Rules for Modern Malware
idiom/AlphaGolang
IDApython Scripts for Analyzing Golang Binaries
idiom/BINScripts
Collection of simple scripts for binary analysis and RE
idiom/CCCS-Yara
YARA rule metadata specification and validation utility / Specification and validation for YARA rules
idiom/dotnetfile
idiom/idascope
An IDA Pro extension for easier (malware) reverse engineering
idiom/llvm-deobfuscator
idiom/qiling
Qiling Advanced Binary Emulation framework
idiom/speakeasy
Windows kernel and user mode emulation.
idiom/ursadb
Trigram database written in C++, suited for malware indexing
idiom/viv-utils
Utilities for working with vivisect
idiom/yara
The pattern matching swiss knife
idiom/Yara-Rules
Repository of Yara Rules
idiom/yara-x
A rewrite of YARA in Rust.
idiom/zydis
Fast and lightweight x86/x86-64 disassembler and code generation library