🪲Malware analysis/Reverse
Reverse engineering and pentesting for Android applications
pefile is a Python module to read and work with PE (Portable Executable) files
An automatic unpacker and logger for DotNet Framework targeting files
Send patches to https://review.coreboot.org: https://www.flashrom.org/Development_Guidelines#GitHub
Yet Another Yara Automaton - Automatically curate open source yara rules and run scans
Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!
edb is a cross-platform AArch32/x86/x86-64 debugger.
Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will …
Makes reverse engineering Android apps easier, automating repetitive tasks like pulling, decoding, rebuilding and patching an APK.
Configuration Extractors for Malware
ClamAV - Documentation is here: https://docs.clamav.net
blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-of-Materials (SBOM) for supported binaries.
Free and Open Source Reverse Engineering Platform powered by rizin
jq for binary formats - tool, language and decoders for working with binary and text formats
A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analysis.
Live Feed of C2 servers, tools, and botnets
Organized list of my malware development resources
Code for the paper "EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis"
A reverse engineering tool for decompiling and disassembling the React Native Hermes bytecode
Program for determining types of files for Windows, Linux and MacOS.


