Pinned Repositories
capa
The FLARE team's open-source tool to identify capabilities in executable files.
flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
EVTXtract
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
idawilli
IDA Pro resources, scripts, and configurations
INDXParse
Tool suite for inspecting NTFS artifacts.
lancelot
Intel x86(-64) code analysis library that reconstructs control flow
python-evtx
Pure Python parser for Windows Event Log files (.evtx)
python-idb
Pure Python parser and analyzer for IDA Pro database files (.idb).
python-registry
Pure Python parser for Windows Registry hives.
williballenthin's Repositories
williballenthin/python-evtx
Pure Python parser for Windows Event Log files (.evtx)
williballenthin/python-idb
Pure Python parser and analyzer for IDA Pro database files (.idb).
williballenthin/python-registry
Pure Python parser for Windows Registry hives.
williballenthin/EVTXtract
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
williballenthin/idawilli
IDA Pro resources, scripts, and configurations
williballenthin/lancelot
Intel x86(-64) code analysis library that reconstructs control flow
williballenthin/ucutils
Convenience routines for working with the Unicorn emulator in Python
williballenthin/viv-utils
Utilities for working with vivisect
williballenthin/ida-settings
Fetch and set configuration values for IDA Plugins
williballenthin/vivisect
please use https://github.com/fireeye/vivisect instead
williballenthin/Rejistry
Pure Java parser for Windows Registry hive files.
williballenthin/dotfiles
Local configuration files for various Linux tools
williballenthin/williballenthin.com
Source for my personal website
williballenthin/flare-ida
IDA Pro utilities from FLARE team
williballenthin/ida-cyberchef
williballenthin/Adv360-Pro-ZMK
Production repository for the all-new Advantage360 Professional using ZMK engine
williballenthin/aiwilli
williballenthin/ida-pro-mcp
MCP Server for IDA Pro
williballenthin/beads
Beads - A memory upgrade for your coding agent
williballenthin/capa
The FLARE team's open-source tool to identify capabilities in executable files.
williballenthin/CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
williballenthin/efiXplorer
IDA plugin and loader for UEFI firmware analysis and reverse engineering automation
williballenthin/ida-cmake
Simple CMake files for the IDASDK
williballenthin/ida-sigmaker
sigmaker is an IDA Pro 9.0+ cross-platform signature maker plugin that works on macOS/Linux/Windows. It allows configurable wildcard operand patterns and signature generation just by right-clicking.
williballenthin/idalib
Idiomatic Rust bindings for the IDA SDK, enabling the development of standalone analysis tools using IDA v9.x’s idalib
williballenthin/ollama
Get up and running with Llama 3.3, DeepSeek-R1, Phi-4, Gemma 3, Mistral Small 3.1 and other large language models.
williballenthin/python
The Python CLI and API for talking to Meshtastic devices
williballenthin/vt-ida-plugin
Official VirusTotal plugin for IDA Pro
williballenthin/zig-cross
Example of using as a CMake Toolchain for cross compiling.
williballenthin/zydisinfo