MANDIANT

Pinned Repositories

capa
The FLARE team's open-source tool to identify capabilities in executable files.
Language:Python3.9k 81 841494
commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
Language:PowerShell6.7k 283 2321.3k
flare-fakenet-ng
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
Language:Python1.7k 112 98353
flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Language:Python3.1k 131 473444
flare-ida
IDA Pro utilities from FLARE team
Language:Python2.1k 152 56467
flare-vm
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
Language:PowerShell6k 200 500877
red_team_tool_countermeasures
Language:YARA2.6k 243 12847
SharPersist
Language:C#1.3k 41 1245
speakeasy
Windows kernel and user mode emulation.
Language:Python1.4k 55 74225
Vulnerability-Disclosures
Language:C++180 26 561

MANDIANT's Repositories

mandiant/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
Language:PowerShell6.7k 283 2321.3k
mandiant/flare-vm
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
Language:PowerShell6k 200 500877
mandiant/capa
The FLARE team's open-source tool to identify capabilities in executable files.
Language:Python3.9k 81 841494
mandiant/flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Language:Python3.1k 131 473444
mandiant/red_team_tool_countermeasures
Language:YARA2.6k 243 12847
mandiant/flare-ida
IDA Pro utilities from FLARE team
Language:Python2.1k 152 56467
mandiant/flare-fakenet-ng
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
Language:Python1.7k 112 98353
mandiant/speakeasy
Windows kernel and user mode emulation.
Language:Python1.4k 55 74225
mandiant/gocrack
GoCrack is a management frontend for password cracking tools written in Go
Language:Go1.1k 56 44240
mandiant/Ghidrathon
The FLARE team's open-source extension to add Python 3 scripting to Ghidra.
Language:Java654 9 6653
mandiant/ReelPhish
Language:Python503 37 3153
mandiant/capa-rules
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
499 22 307151
mandiant/GoReSym
Go symbol recovery tool
Language:Go473 12 3360
mandiant/PwnAuth
Language:Python356 19 589
mandiant/ADFSpoof
Language:Python335 10 758
mandiant/STrace
A DTrace on Windows Reimplementation
Language:C++308 14 1044
mandiant/GeoLogonalyzer
GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.
Language:Python194 28 859
mandiant/macos-UnifiedLogs
Language:Rust192 12 1014
mandiant/Vulnerability-Disclosures
Language:C++180 26 561
mandiant/dncil
The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
Language:Python131 9 1014
mandiant/ccmpwn
Language:Python128 2 011
mandiant/VM-Packages
Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
Language:PowerShell120 9 42961
mandiant/gocrack-ui
The User Interface for GoCrack
Language:Vue84 8 152
mandiant/citrix-ioc-scanner-cve-2023-3519
Language:Shell66 9 174
mandiant/SSSDKCMExtractor
Language:Python52 5 126
mandiant/gootloader
Collection of scripts used to deobfuscate GOOTLOADER malware samples.
Language:Python48 8 26
mandiant/capa-testfiles
Data to test capa's code and rules.
Language:Max35 7 062
mandiant/gocat
Provides access to libhashcat
Language:Go30 7 323
mandiant/flare-gsoc-2024
Supporting resources and documentation for FLARE @ Google Summer of Code 2024
14 7 0
mandiant/flare-floss-testfiles
Resources for testing FLOSS by the FLARE team.
Language:C6 5 020