An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
LIEF - Library to Instrument Executable Formats
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Portable Executable reversing tool with a friendly GUI
A Pin tool for tracing API calls, etc.
DRAKVUF Black-box Binary Analysis
A bunch of Windows anti-debugging tricks for x86 and x64.
makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
iMonitor (冰镜 - Endpoint Behavior Analysis System)
WinDBG Anti-RootKit Extension
APK/DEX detector for Windows, Linux and MacOS.
Malware sample library.
Linker/Compiler/Tool detector for Windows, Linux and MacOS.
A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
idenLib - Library Function Identification [This project is not maintained anymore]
A Binary Genetic Traits Lexer Framework
Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior
An SDK for the creation of analysis tools without obtaining app source code, in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.
Toolkit for enriching and speeding up static malware analysis
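Several entries above (the x86/x64 anti-debugging tricks and the C++ debugger-detection collection) revolve around one question: how does a sample tell that a debugger is attached? The following is an added example, not code from any project listed here. On Windows it uses the documented `IsDebuggerPresent()` call and reads the `BeingDebugged` byte of the PEB directly, which is the flag that API returns; on Linux it falls back to the `TracerPid` field of `/proc/self/status`. The function and buffer names are the example's own.

```c
/* Added example: minimal debugger-presence checks in portable C.
 * Not taken from any of the projects listed on this page.
 * Windows: IsDebuggerPresent() plus a direct read of PEB->BeingDebugged.
 * Linux:   TracerPid in /proc/self/status (non-zero when ptrace-attached). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifdef _WIN32
#include <windows.h>
#include <winternl.h>
#endif

/* Parse the "TracerPid:" line of a /proc/<pid>/status buffer.
 * Returns the tracer PID (0 when not traced) or -1 when the field is absent.
 * Kept separate from the file read so it can be exercised on constructed input. */
long parse_tracer_pid(const char *status_text)
{
    const char *p = strstr(status_text, "TracerPid:");
    if (p == NULL)
        return -1;
    p += strlen("TracerPid:");
    while (*p == ' ' || *p == '\t')
        p++;
    return strtol(p, NULL, 10);
}

#ifdef _WIN32
/* Read BeingDebugged straight from the PEB. This is the same byte that
 * IsDebuggerPresent() returns; reading it directly sidesteps the common
 * trick of hooking the API itself to return FALSE. */
static int peb_being_debugged(void)
{
    PPEB peb = NtCurrentTeb()->ProcessEnvironmentBlock;
    return peb->BeingDebugged != 0;
}
#endif

/* 1 if a debugger or tracer appears attached to this process, else 0. */
int debugger_attached(void)
{
#ifdef _WIN32
    return IsDebuggerPresent() || peb_being_debugged();
#else
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (f == NULL)
        return 0;            /* no procfs here; nothing to check */
    size_t n = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_tracer_pid(buf) > 0;
#endif
}

int main(void)
{
    printf("debugger attached: %s\n", debugger_attached() ? "yes" : "no");
    return 0;
}
```

Run it once normally and once under a debugger (x64dbg, WinDbg, or `gdb` on Linux) to see the answer flip. Note that both checks are trivially defeated by a debugger that clears `BeingDebugged` or by a hooked `IsDebuggerPresent`, which is why the listed anti-debugging collections layer many independent tricks rather than relying on one.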