Pinned Repositories
capa
The FLARE team's open-source tool to identify capabilities in executable files.
flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
vivisect
EVTXtract
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
INDXParse
Tool suite for inspecting NTFS artifacts.
python-evtx
Pure Python parser for Windows Event Log files (.evtx)
python-idb
Pure Python parser and analyzer for IDA Pro database files (.idb).
python-registry
Pure Python parser for Windows Registry hives.
shellbags
Cross-platform, open-source shellbag parser
williballenthin's Repositories
williballenthin/python-evtx
Pure Python parser for Windows Event Log files (.evtx)
williballenthin/python-registry
Pure Python parser for Windows Registry hives.
williballenthin/INDXParse
Tool suite for inspecting NTFS artifacts.
williballenthin/shellbags
Cross-platform, open-source shellbag parser
williballenthin/idawilli
IDA Pro resources, scripts, and configurations
williballenthin/lancelot
Intel x86(-64) code analysis library that reconstructs control flow
williballenthin/python-evt
Pure Python parser for classic Windows Event Log files (.evt)
williballenthin/viv-utils
Utilities for working with vivisect
williballenthin/wevt_template
extract and parse WEVT_TEMPLATEs from PE files
williballenthin/vivisect
please use https://github.com/fireeye/vivisect instead
williballenthin/ucutils
Convenience routines for working with the Unicorn emulator in Python
williballenthin/dotfiles
Local configuration files for various Linux tools
williballenthin/ida-graph-exporter
Layout-preserving graph view exporter plugin for IDA Pro
williballenthin/flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
williballenthin/williballenthin.com
Source for my personal website
williballenthin/zydis-wasm
example project with zydis targeting wasm
williballenthin/Adv360-Pro-ZMK
Production repository for the all-new Advantage360 Professional using ZMK engine
williballenthin/binaryninja-api
Public API, examples, documentation and issues for Binary Ninja
williballenthin/dnfile
Parse .NET executable files.
williballenthin/arduino-T6A04A
Arduino display driver for the T6A04A monochrome LCD driver used in TI-83 graphing calculators
williballenthin/binexport
Export disassemblies into Protocol Buffers
williballenthin/dnfile-testfiles
Test data for dnfile
williballenthin/mquery
YARA malware query accelerator (web frontend)
williballenthin/nixpkgs
Nix Packages collection
williballenthin/textual
Textual is a Rapid Application Development framework for Python. Build sophisticated user interfaces with a simple Python API. Run your apps in the terminal and (coming soon) a web browser!
williballenthin/ursadb
Trigram database written in C++, suited for malware indexing
williballenthin/zycore-c
Internal library providing platform independent types, macros and a fallback for environments without LibC.
williballenthin/zydis
Fast and lightweight x86/x86-64 disassembler and code generation library
williballenthin/zydis-rs
Zydis Rust Bindings (work in progress)
williballenthin/zydis-rs-issue-29