- Reverse Engineering Resource Collection. 3000+ open source tools, ~600 blog posts.
- This page only contains limited tools and posts. Read Full Version
- IDA
- Tools
- (97) NoCategory
- Structure&&Class
- (3) Collection
- (9) Skin&&Theme
- (4) Firmware&&EmbedDevice
- Signature(FLIRT...)&&Diff&&Match
- (6) IDB
- (5) CollaborativeRE
- (9) SyncWithDebugger
- ImportExport&&SyncWithOtherTools
- SpecificTarget
- IDAPython
- (6) InstructRef&&Doc
- ScriptWritting
- (16) Ancient
- Debug&&DynamicData
- (14) Decompiler&&AST
- (7) DeObfuscate
- Nav&&QuickAccess&&Graph&&Image
- (7) Android
- Apple&&macOS&&iXxx&&Objective-C&&SWift&&Mach-O
- (9) ELF
- (5) Microcode
- (6) Emulator
- RecentAdd
- (4) PartOfOtherTool
- Vul
- (7) Patch
- (3) Other
- Function
- (3) TaintAnalysis&&SymbolicExecution
- (8) string
- (3) encrypt&&decrypt
- Video&&Post
- (15) Malware
- (6) Series-LabelessIntroduction
- (24) Series-ReversingWithIDAFromScrach
- Series-UsingIDAPythonToMakeYourLifeEasier
- (50) Tool&&Plugin&&Script
- (9) Tips&&Tricks
- (146) NoCategory
- (5) Translate-TheIDAProBook
- (2) Translate-ReverseEngineeringCodeWithIDAPro
- (5) Series-ReversingCCodeWithIDA
- (7) REPractice
- (2) 新添加的
- Tools
- Ghidra
- x64dbg
- OllyDbg
- WinDBG
- Cuckoo
- Radare2
- BinaryNinja
- DBI
- VM&&Emulator
- Android
- Apple&&iOS&&iXxx
- Windows
- Linux
- Hook
- Monitor
- Malware
- Game
- OtherTools
- Posts&&Videos
- Rootkit&&Bootkit
- Hardware
- Crypto
- TODO
- Add more tools and posts
- Mainly from Github
-
[1044Star][13d] [Py] fireeye/flare-ida Multiple IDA plugins and IDAPython scripts
- StackStrings recovery of manually constructed strings described here
- Struct Typer implements the struct typing described here
- ApplyCalleeType specify or choose a function type for indirect calls as described here
- argtracker identify static arguments to functions used within a program
- idb2pat generate function patterns from an existing IDB database that can then be turned into FLIRT signatures to help identify similar functions in new files. more info
- objc2_analyzer creates cross-references between selector references and their implementations as defined in the Objective-C runtime related sections of the target Mach-O executable
- MSDN Annotations adds MSDN information from a XML file to the IDB database. more info
- ironstrings uses code emulation to recover constructed strings (stackstrings) from malware
- Shellcode Hashes create the database for hash search described in here
-
[735Star][6m] [Py] devttys0/ida Collection of IDA Python plugins/scripts/modules.
- wpsearch Searches for immediate values commonly founds in MIPS WPS checksum implementations.
- md5hash A sample implementation of MD5 in pure Python
- alleycat Finds paths to a given code block inside a function; Finds paths between two or more functions; Generates interactive call graphs
- codatify Defines ASCII-strings/functions/code that IDA's auto analysis missed; Converts all undefined bytes in the data segment into DWORDs
- fluorescence Un/highlights function call instructions
- leafblower Assists in identifying standard POSIX functions in MIPS/ARM code.
- localxrefs Finds references to any selected text from within the current function
- mipslocalvars Names stack variables used by the compiler for storing registers on the stack, simplifying stack data analysis (MIPS only)
- mipsrop Allows you to search for suitable ROP gadgets in MIPS executable code; Built-in methods to search for common ROP gadgets
- rizzo Identifies and re-names functions between two or more IDBs
-
[315Star][2m] [C] ohjeongwook/darungrim A patch analysis tool
-
[274Star][3m] [Py] jpcertcc/aa-tools Multiple RE plugins and scripts
- apt17scan.py Volatility plugin for detecting APT17 related malware and extracting its config
- emdivi_postdata_decoder Python script for decoding Emdivi's post data
- emdivi_string_decryptor IDAPython script for decrypting strings inside Emdivi
- citadel_decryptor Data decryption tool for Citadel
- adwind_string_decoder Python script for decoding strings inside Adwind
- redleavesscan Volatility plugin for detecting RedLeaves and extracting its config
- datper_splunk Python script for detects Datper communication and adds result field to Splunk index
- datper_elk Python script for detects Datper communication and adds result field to Elasticsearch index
- tscookie_decode Python script for decrypting and parsing TSCookie configure data
- wellmess_cookie_decode Python script for decoding WellMess's cookie data (support Python2)
- cobaltstrikescan Volatility plugin for detecting Cobalt Strike Beacon and extracting its config
- tscookie_data_decode Python script for decrypting and parsing TSCookie configure data
- [927Star][12d] [OCaml] airbus-seclab/bincat a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA or using Python for automation.
- Also In Section: IDA->Tools->TaintAnalysis |
- [656Star][16d] [Py] igogo-x86/hexrayspytools assists in the creation of classes/structures and detection of virtual tables
- [604Star][3m] [Py] 0xgalz/virtuailor IDAPython tool for C++ vtables reconstruction
-
Also In Section: IDA->Tools->Debug->DebuggerData |
-
- [1749Star][2m] onethawt/idaplugins-list A list of IDA Plugins
- [358Star][9m] fr0gger/awesome-ida-x64-olly-plugin Awesome IDA, x64DBG & OllyDBG plugin
- Also In Section: x64dbg->Plugins->RecentAdd |
- [720Star][6m] [Py] zyantific/idaskins Plugin providing advanced skinning support for IDA Pro utilizing Qt stylesheets, similar to CSS.
- [5165Star][1m] [Py] refirmlabs/binwalk a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
- [490Star][4m] [Py] maddiestone/idapythonembeddedtoolkit a set of script to automate many of the steps associated with statically analyzing, or reverse engineering, the firmware of embedded devices in IDA Pro.
- [418Star][17d] [C] mcgill-dmas/kam1n0-community a scalable assembly management and analysis platform
- Also In Section: IDA->Tools->PartOfOtherTool |
- IDA插件
- kam1n0
- [599Star][26d] [Max] maktm/flirtdb A community driven collection of IDA FLIRT signature files
- [307Star][4m] push0ebp/sig-database IDA FLIRT Signature Database
- [1542Star][1m] [Py] joxeankoret/diaphora program diffing
- [358Star][12d] [Py] checkpointsw/karta source code assisted fast binary matching plugin for IDA
- [330Star][12m] [Py] joxeankoret/pigaios A tool for matching and diffing source codes directly against binaries.
- [431Star][1m] [Py] polymorf/findcrypt-yara IDA pro plugin to find crypto constants (and more)
- Also In Section: IDA->Tools->encrypt |
- [316Star][6m] [Py] williballenthin/python-idb a library for accessing the contents of IDA Pro databases
- [505Star][11m] [Py] idarlingteam/idarling a collaborative reverse engineering plugin for IDA Pro and Hex-Rays
- [258Star][1y] [C++] dga-mi-ssi/yaco a Hex-Rays IDA plugin enabling collaborative reverse-engineering on IDA databases for multiple users
- [457Star][8d] [C] bootleg/ret-sync a set of plugins that help to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg/OllyDbg2/x64dbg) with IDA/Ghidra disassemblers
- [290Star][10m] [C] a1ext/labeless Seamless synchronization of labels, function names, comments and global variables (w/wo demangling); Dynamic dumping of debugged process memory regions
- [296Star][3m] [Py] cisco-talos/ghida an IDA Pro plugin that integrates the Ghidra decompiler in IDA.
- Also In Section: Ghidra->Plugins->WithOtherTools->IDA |
- [236Star][8m] [Py] daenerys-sre/source A framework for interoperability between IDA and Ghidra
- Also In Section: Ghidra->Plugins->WithOtherTools->IDA |
- [378Star][1m] [C++] google/binexport Export disassemblies into Protocol Buffers and to BinNavi databases
- Also In Section: OtherTools->BinNavi |
- [204Star][1y] [Py] fireeye/idawasm IDA Pro loader and processor modules for WebAssembly
- [367Star][9m] [Py] sibears/idagolanghelper Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary
- [292Star][1m] [Py] strazzere/golang_loader_assist Making GO reversing easier in IDA Pro
- [303Star][1y] [Py] fsecurelabs/win_driver_plugin A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
- [218Star][1y] [Py] nccgroup/driverbuddy IDA Python script to assist with the reverse engineering of Windows kernel drivers.
- [711Star][25d] [Py] idapython/src IDAPython project for Hex-Ray's IDA Pro
- [368Star][2m] [Py] tmr232/sark IDAPython Made Easy
- [233Star][7d] [Py] inforion/idapython-cheatsheet Scripts and cheatsheets for IDAPython
- [496Star][12m] [PLpgSQL] nologic/idaref IDA Pro Instruction Reference Plugin
- [444Star][4m] [C++] alexhude/friend Flexible Register/Instruction Extender aNd Documentation
- Also In Section: IDA->Tools->Nav->NoCategory |
- [279Star][25d] [Py] fireeye/flare-emu marries a supported binary analysis framework, such as IDA Pro or Radare2, with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks
- Also In Section: IDA->Tools->Emulator |
- [267Star][17d] [Py] eset/ipyida IPython console integration for IDA Pro
- [391Star][12m] [C++] cseagle/sk3wldbg Debugger plugin for IDA Pro backed by the Unicorn Engine
- Also In Section: IDA->Tools->Emulator |
- [933Star][12m] [Py] gaasedelen/lighthouse Code Coverage Explorer for IDA Pro & Binary Ninja
- Also In Section: DBI->IntelPin->Tools->WithOtherTools->NoCategory |DBI->Frida->Tools->WithOtherTools->IDA |DBI->Frida->Tools->WithOtherTools->BinaryNinja |
- coverage-frida 使用Frida收集信息
- coverage-pin 使用Pin收集覆盖信息
- 插件 支持IDA和BinNinja
-
[604Star][3m] [Py] 0xgalz/virtuailor IDAPython tool for C++ vtables reconstruction
-
Also In Section: IDA->Tools->Structure->C++Class |
-
-
[385Star][4m] [Py] ynvb/die an IDA python plugin designed to enrich IDA`s static analysis with dynamic data
-
[1668Star][7m] [C++] yegord/snowman a native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures
- Also In Section: x64dbg->Plugins->RecentAdd |
- IDA插件
- snowman QT界面
- nocode 命令行工具
- nc 核心代码,可作为库使用
-
[1321Star][1y] [C++] rehints/hexrayscodexplorer Hex-Rays Decompiler plugin for better code navigation
-
Also In Section: IDA->Tools->Nav->NoCategory |
View Details
- 自动类型重建
- 虚表识别/导航(反编译窗口)
- C-tree可视化与导出
- 对象浏览
-
-
[406Star][3m] [C++] avast/retdec-idaplugin RetDec plugin for IDA
-
[229Star][6m] [Py] patois/dsync IDAPython plugin that synchronizes disassembler and decompiler views
- Also In Section: IDA->Tools->Nav->NoCategory |
- [1360Star][2m] [Py] fireeye/flare-floss Automatically extract obfuscated strings from malware.
- Also In Section: IDA->Tools->string |
- floss
- IDA插件
- [293Star][4m] [C++] rolfrolles/hexraysdeob Hex-Rays microcode API plugin for breaking an obfuscating compiler
- Also In Section: IDA->Tools->Microcode |
-
[1321Star][1y] [C++] rehints/hexrayscodexplorer Hex-Rays Decompiler plugin for better code navigation
-
Also In Section: IDA->Tools->Decompiler |
View Details
- 自动类型重建
- 虚表识别/导航(反编译窗口)
- C-tree可视化与导出
- 对象浏览
-
-
[444Star][4m] [C++] alexhude/friend Flexible Register/Instruction Extender aNd Documentation
- Also In Section: IDA->Tools->InstructRef |
-
[364Star][2m] [Py] l4ys/lazyida Make your IDA Lazy!
-
Also In Section: IDA->Tools->string |IDA->Tools->Vul->NoCategory |
-
-
[328Star][3m] [Py] pfalcon/scratchabit Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
-
[229Star][6m] [Py] patois/dsync IDAPython plugin that synchronizes disassembler and decompiler views
- Also In Section: IDA->Tools->Decompiler |
- [203Star][14d] [Py] patois/idacyber Data Visualization Plugin for IDA Pro
- [2563Star][5m] [Java] google/binnavi a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
- [244Star][7d] [C++] strazzere/android-scripts Collection of Android reverse engineering scripts
- Also In Section: Android->Tools->ReverseEngineering |
- [293Star][4m] [C++] rolfrolles/hexraysdeob Hex-Rays microcode API plugin for breaking an obfuscating compiler
- Also In Section: IDA->Tools->DeObfuscate |
- [488Star][1y] [Py] alexhude/uemu Tiny cute emulator plugin for IDA based on unicorn.
- [391Star][12m] [C++] cseagle/sk3wldbg Debugger plugin for IDA Pro backed by the Unicorn Engine
- Also In Section: IDA->Tools->Debug->NoCategory |
- [279Star][25d] [Py] fireeye/flare-emu marries a supported binary analysis framework, such as IDA Pro or Radare2, with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks
- Also In Section: IDA->Tools->ScriptWritting->NoCategory |
- [1531Star][7d] [Py] lifting-bits/mcsema Framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode
- [418Star][17d] [C] mcgill-dmas/kam1n0-community a scalable assembly management and analysis platform
- Also In Section: IDA->Tools->Signature(FLIRT...)->NoCategory |
- IDA插件
- kam1n0
- [491Star][7m] [Py] danigargu/heap-viewer An IDA Pro plugin to examine the glibc heap, focused on exploit development
- [364Star][2m] [Py] l4ys/lazyida Make your IDA Lazy!
-
Also In Section: IDA->Tools->string |IDA->Tools->Nav->NoCategory |
-
- [720Star][12m] [Py] keystone-engine/keypatch Multi-architecture assembler for IDA Pro. Powered by Keystone Engine.
- [289Star][2m] [Py] a1ext/auto_re IDA PRO auto-renaming plugin with tagging support
- [927Star][12d] [OCaml] airbus-seclab/bincat a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA or using Python for automation.
- Also In Section: IDA->Tools->Structure->NoCategory |
- [1360Star][2m] [Py] fireeye/flare-floss Automatically extract obfuscated strings from malware.
- Also In Section: IDA->Tools->DeObfuscate |
- floss
- IDA插件
- [364Star][2m] [Py] l4ys/lazyida Make your IDA Lazy!
-
Also In Section: IDA->Tools->Nav->NoCategory |IDA->Tools->Vul->NoCategory |
-
- [431Star][1m] [Py] polymorf/findcrypt-yara IDA pro plugin to find crypto constants (and more)
- Also In Section: IDA->Tools->Signature(FLIRT...)->Yara |
- 2019.11 [4hou] 反作弊游戏如何破解,看看《黑色沙漠》逆向分析过程:使用 IDAPython 和 FLIRT 签名恢复 IAT
- 2019.11 [aliyun_xz] 使用IDA microcode去除ollvm混淆(下)
- 2019.10 [amossys] Exploring Hex-Rays microcode
- 2019.07 [kienbigmummy] Cách export data trong IDA
- 2019.05 [360_anquanke_learning] IDAPython实战项目——DES算法识别
- 2019.05 [carbonblack] fn_fuzzy: Fast Multiple Binary Diffing Triage with IDA
- 2019.05 [aliyun_xz] 混淆IDA F5的一个小技巧-x86
- 2019.03 [freebuf] Ponce:一键即可实现符号执行(IDA插件)
- 2019.03 [360_anquanke_learning] 为CHIP-8编写IDA processor module
- 2019.01 [pediy_new_digest] [原创]IDA7.2安装包分析
- 2019.01 [pediy_new_digest] [原创]IDA 在解析 IA64 中的 brl 指令时存在一个 Bug
- 2019.01 [ly0n] Cracking with IDA (redh@wk 2.5 crackme)
- 2018.11 [hexblog] IDA 7.2 – The Mac Rundown
- 2018.11 [pediy_new_digest] [原创]IDA动态调试ELF
- 2018.10 [pediy_new_digest] [原创] 修复 IDA Pro 7.0在macOS Mojave崩溃的问题
- 2018.10 [ptsecurity_blog] Modernizing IDA Pro: how to make processor module glitches go away
- 2018.10 [aliyun_xz] IDA-minsc在Hex-Rays插件大赛中获得第二名(2)
- 2018.10 [aliyun_xz] IDA-minsc在Hex-Rays插件大赛中获得第二名(1)
- 2018.10 [aliyun_xz] 通过两个IDAPython插件支持A12 PAC指令和iOS12 kernelcache 重定位
- 2018.09 [cisco_blogs] IDA-minsc Wins Second Place in Hex-Rays Plugins Contest
- 2018.09 [dustri] IDAPython vs. r2pipe
- 2018.06 [pediy_new_digest] [翻译]在IDA中使用Python Z3库来简化函数中的算术运算
- 2019.07 [hexacorn] Batch decompilation with IDA / Hex-Rays Decompiler
- 2019.06 [openanalysis] Disable ASLR for Easier Malware Debugging With x64dbg and IDA Pro
- 2019.06 [youtube_OALabs] Disable ASLR For Easier Malware Debugging With x64dbg and IDA Pro
- 2019.06 [openanalysis] Reverse Engineering C++ Malware With IDA Pro: Classes, Constructors, and Structs
- 2019.06 [youtube_OALabs] Reverse Engineering C++ Malware With IDA Pro
- 2019.03 [aliyun_xz] IDA Pro7.0使用技巧总结
- 2018.06 [checkpoint_research] Scriptable Remote Debugging with Windbg and IDA Pro
- 2015.07 [djmanilaice] Pycharm for your IDA development
- 2015.07 [djmanilaice] Auto open dlls and exe in current directory for IDA
- 2019.04 [360_anquanke_learning] 两种姿势批量解密恶意驱动中的上百条字串
- 2019.03 [cyber] Using IDA Python to analyze Trickbot
- 2019.01 [youtube_OALabs] Lazy String Decryption Tips With IDA PRO and Shade Ransomware Unpacked!
- 2018.09 [4hou] Hidden Bee恶意软件家族的定制IDA装载模块开发
- 2018.09 [4hou] 用IDAPython解密Gootkit中的字符串
- 2018.05 [youtube_OALabs] Unpacking Gootkit Part 2 - Debugging Anti-Analysis Tricks With IDA Pro and x64dbg
- 2018.04 [youtube_OALabs] Unpacking VB6 Packers With IDA Pro and API Hooks (Re-Upload)
- 2018.03 [youtube_OALabs] Unpacking Gootkit Malware With IDA Pro and X64dbg - Subscriber Request
- 2018.01 [youtube_OALabs] Unpacking Pykspa Malware With Python and IDA Pro - Subscriber Request Part 1
- 2017.11 [youtube_OALabs] Unpacking Process Injection Malware With IDA PRO (Part 2)
- 2017.11 [youtube_OALabs] Unpacking Process Injection Malware With IDA PRO (Part 1)
- 2017.06 [hackers_arise] Reverse Engineering Malware, Part 3: IDA Pro Introduction
- 2017.05 [4hou] 逆向分析——使用IDA动态调试WanaCrypt0r中的tasksche.exe
- 2017.05 [3gstudent] 逆向分析——使用IDA动态调试WanaCrypt0r中的tasksche.exe
- 2012.06 [trustwave_SpiderLabs_Blog] Defeating Flame String Obfuscation with IDAPython
- 2018.10 [checkpoint] Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware - Check Point Research
- 2018.10 [checkpoint] Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm. - Check Point Research
- 2018.10 [checkpoint] Labeless Part 4: Scripting - Check Point Research
- 2018.08 [checkpoint] Labeless Part 3: How to Dump and Auto-Resolve WinAPI Calls in LockPos Point-of-Sale Malware - Check Point Research
- 2018.08 [checkpoint] Labeless Part 2: Installation - Check Point Research
- 2018.08 [checkpoint] Labeless Part 1: An Introduction - Check Point Research
- 2019.11 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P25)
- 2019.10 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P24)
- 2019.10 [tradahacking] REVERSING WITH IDA FROM SCRATCH (P23)
- 2019.09 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P21)
- 2019.08 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P20)
- 2019.08 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P19)
- 2019.07 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P18)
- 2019.07 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P17)
- 2019.06 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P16)
- 2019.06 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P15)
- 2019.05 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P14)
- 2019.05 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P13)
- 2019.04 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P12)
- 2019.04 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P11)
- 2019.03 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P10)
- 2019.03 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P9)
- 2019.03 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P8)
- 2019.03 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P7)
- 2019.03 [tradahacking] REVERSING WITH IDA FROM SCRATCH (P6)
- 2019.03 [kienbigmummy] REVERSING WITH IDA FROM SCRATCH (P5)
- 2016.06 [paloaltonetworks] Using IDAPython to Make Your Life Easie
- 2016.01 [paloaltonetworks] Using IDAPython to Make Your Life Easie
- 2016.01 [paloaltonetworks] Using IDAPython to Make Your Life Easie
- 2016.01 [paloaltonetworks] Using IDAPython to Make Your Life Easie
- 2015.12 [paloaltonetworks] Using IDAPython to Make Your Life Easie
- 2015.12 [paloaltonetworks] Using IDAPython to Make Your Life Easie
- 2016.01 [freebuf] IDAPython:让你的生活更美好(五)
- 2016.01 [freebuf] IDAPython:让你的生活更美好(四)
- 2016.01 [freebuf] IDAPython:让你的生活更美好(三)
- 2016.01 [freebuf] IDAPython:让你的生活更美好(二)
- 2016.01 [freebuf] IDAPython:让你的生活更美好(一)
- 2019.01 [ly0n] Reversing C code with IDA part V
- 2019.01 [ly0n] Reversing C code with IDA part IV
- 2019.01 [ly0n] Reversing C code with IDA part III
- 2018.12 [ly0n] Reversing C code with IDA part II
- 2018.01 [ly0n] Reversing C code with IDA part I
- 2019.10 [vmray_blog] VMRay IDA Plugin v1.1: Streamlining Deep-Dive Malware Analysis
- 2019.10 [talosintelligence_blog] New IDA Pro plugin provides TileGX support
- 2019.09 [talosintelligence_blog] GhIDA: Ghidra decompiler for IDA Pro
- 2019.04 [_0xeb] climacros – IDA productivity tool
- 2019.04 [_0xeb] QScripts – IDA Scripting productivity tool
- 2019.03 [_0xeb] Daenerys: IDA Pro and Ghidra interoperability framework
- 2019.02 [kitploit_home] HexRaysCodeXplorer - Hex-Rays Decompiler Plugin For Better Code Navigation
- 2019.02 [kitploit_home] Ponce - IDA Plugin For Symbolic Execution Just One-Click Away!
- 2019.01 [talosintelligence_blog] Dynamic Data Resolver (DDR) - IDA Plugin
- 2018.12 [securityonline] HexRaysCodeXplorer: Hex-Rays Decompiler plugin for better code navigation
- 2018.11 [4hou] FLARE脚本系列:使用idawasm IDA Pro插件逆向WebAssembly(Wasm)模块
- 2018.10 [aliyun_xz] 用idawasm IDA Pro逆向WebAssembly模块
- 2018.10 [fireeye_threat_research] FLARE Script Series: Reverse Engineering WebAssembly Modules Using the idawasm IDA Pro Plugin
- 2018.10 [vmray_blog] Introducing the IDA Plugin for VMRay Analyzer
- 2018.09 [ptsecurity_blog] How we developed the NIOS II processor module for IDA Pro
- 2018.09 [talosintelligence_blog] IDA-minsc Wins Second Place in Hex-Rays Plugins Contest
- 2018.09 [msreverseengineering_blog] Weekend Project: A Custom IDA Loader Module for the Hidden Bee Malware Family
- 2018.08 [360_anquanke_learning] Lua程序逆向之为Luac编写IDA Pro处理器模块
- 2018.06 [dougallj] Writing a Hex-Rays Plugin: VMX Intrinsics
- 2018.05 [freebuf] HeapViewer:一款专注于漏洞利用开发的IDA Pro插件
- 2008.10 [pediy_new_digest] [翻译]The IDA Pro Book 第六章
- 2008.10 [pediy_new_digest] [翻译](20081030更新)The IDA Pro Book 第12章:使用FLIRT签名识别库
- 2008.10 [pediy_new_digest] [翻译]The IDA Pro Book(第二章)
- 2008.10 [pediy_new_digest] [翻译]The IDA Pro book 第5章---IDA DATA DISPLAY
- 2008.10 [pediy_new_digest] [翻译]The IDA Pro Book(第一章)
- 2009.01 [pediy_new_digest] [原创]Reverse Engineering Code with IDA Pro第七章中文译稿
- 2008.06 [pediy_new_digest] [翻译]Reverse Engineering Code with IDA Pro(第一、二章)
- 2019.06 [devco] 破密行動: 以不尋常的角度破解 IDA Pro 偽隨機數
- 2019.04 [venus_seebug] 使用 IDA Pro 的 REobjc 模块逆向 Objective-C 二进制文件
- 2018.11 [somersetrecon] Introduction to IDAPython for Vulnerability Hunting - Part 2
- 2018.07 [360_anquanke_learning] 如何使用 IDAPython 寻找漏洞
- 2018.07 [somersetrecon] Introduction to IDAPython for Vulnerability Hunting
- 2018.03 [duo_blog_duo_labs] Reversing Objective-C Binaries With the REobjc Module for IDA Pro
- 2006.05 [pediy_new_digest] Themida v1008 驱动程序分析,去除花指令的 IDA 文件
- [18381Star][7d] [Java] nationalsecurityagency/ghidra Ghidra is a software reverse engineering (SRE) framework
- [445Star][8m] [YARA] ghidraninja/ghidra_scripts Scripts for the Ghidra software reverse engineering suite.
- binwalk Runs binwalk on the current program and bookmarks the findings
- yara Automatically find crypto constants in the loaded program - allows to very quickly identify crypto code.
- swift_demangler Automatically demangle swift function names
- golang_renamer Restores function names from a stripped Go binary
- [201Star][7m] [Java] rolfrolles/ghidrapal Ghidra Program Analysis Library(No Doc)
- [296Star][3m] [Py] cisco-talos/ghida an IDA Pro plugin that integrates the Ghidra decompiler in IDA.
- Also In Section: IDA->Tools->ImportExport->Ghidra |
- [236Star][8m] [Py] daenerys-sre/source A framework for interoperability between IDA and Ghidra
- Also In Section: IDA->Tools->ImportExport->Ghidra |
- 2019.11 [deadc0de] Scripting Ghidra with Python
- 2019.11 [4hou] 使用Ghidra对WhatsApp VOIP Stack 溢出漏洞的补丁对比分析
- 2019.10 [securityaffairs] Researchers discovered a code execution flaw in NSA GHIDRA
- 2019.10 [4hou] CVE-2019-16941: NSA Ghidra工具RCE漏洞
- 2019.09 [venus_seebug] 使用 Ghidra 对 iOS 应用进行 msgSend 分析
- 2019.09 [4hou] 利用Ghidra分析TP-link M7350 4G随身WiFi的RCE漏洞
- 2019.09 [4hou] 使用Ghidra对iOS应用进行msgSend分析
- 2019.09 [dustri] Radare2, IDA Pro, and Binary ninja, a metaphoric comparison
- 2019.09 [youtube_WarrantyVoider] X360 XEX Decompiling With Ghidra
- 2019.08 [youtube_WarrantyVoider] N64 ROM Decompiling With Ghidra - N64LoaderWV
- 2019.08 [aliyun_xz] CVE-2019-12103 使用Ghidra分析TP-Link M7350上的预认证RCE
- 2019.08 [4hou] 基于Ghidra和Neo4j的RPC分析技术
- 2019.08 [hackertor] Ghidra (Linux) 9.0.4 Arbitrary Code Execution
- 2019.08 [kitploit_exploit] Ghidra (Linux) 9.0.4 Arbitrary Code Execution
- 2019.07 [hackertor] NA – CVE-2019-13623 – In NSA Ghidra through 9.0.4, path traversal can…
- 2019.07 [hackertor] NA – CVE-2019-13625 – NSA Ghidra before 9.0.1 allows XXE when a…
- 2019.06 [dawidgolak] IcedID aka #Bokbot Analysis with Ghidra.
- 2019.05 [vimeo_user18478112] Three Heads are Better Than One: Mastering Ghidra - Alexei Bulazel, Jeremy Blackthorne - INFILTRATE 2019
- 2019.04 [youtube_X0x6d696368] Ghidra: Stack Depth (to detect stack manipulation)
- 2019.04 [aliyun_xz] 利用Ghidra分析恶意软件Emotet
- [34521Star][14d] [C++] x64dbg/x64dbg An open-source x64/x32 debugger for windows.
- [1668Star][7m] [C++] yegord/snowman a native code to C/C++ decompiler, supporting x86, AMD64, and ARM architectures
- Also In Section: IDA->Tools->Decompiler |
- IDA插件
- snowman QT界面
- nocode 命令行工具
- nc 核心代码,可作为库使用
- [1348Star][23d] [C] x64dbg/x64dbgpy Automating x64dbg using Python, Snapshots:
- [971Star][27d] [Py] x64dbg/docs x64dbg Documentation
- [457Star][8d] [C] bootleg/ret-sync a set of plugins that help to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg/OllyDbg2/x64dbg) with IDA/Ghidra disassemblers
- [358Star][9m] fr0gger/awesome-ida-x64-olly-plugin Awesome IDA, x64DBG & OllyDBG plugin
- Also In Section: IDA->Tools->Collection |
- [565Star][6m] [C#] fremag/memoscope.net Dump and analyze .Net applications memory ( a gui for WinDbg and ClrMd )
- [275Star][13d] [Py] hugsy/defcon_27_windbg_workshop DEFCON 27 workshop - Modern Debugging with WinDbg Preview
- [227Star][9m] [C++] microsoft/windbg-samples Sample extensions, scripts, and API uses for WinDbg.
- 2019.10 [freebuf] Iris:一款可执行常见Windows漏洞利用检测的WinDbg扩展
- 2019.08 [lowleveldesign] Synthetic types and tracing syscalls in WinDbg
- 2019.08 [hackertor] Iris – WinDbg Extension To Perform Basic Detection Of Common Windows Exploit Mitigations
- 2019.07 [osr] How L1 Terminal Fault (L1TF) Mitigation and WinDbg Wasted My Morning (a.k.a. Yak Shaving: WinDbg Edition)
- 2019.06 [360_anquanke_learning] 《Dive into Windbg系列》Explorer无法启动排查
- 2019.04 [360_anquanke_learning] 《Dive into Windbg系列》AudioSrv音频服务故障
- 2019.03 [aliyun_xz] 为WinDbg和LLDB编写ClrMD扩展
- 2019.03 [offensive_security] Development of a new Windows 10 KASLR Bypass (in One WinDBG Command)
- 2019.02 [youtube_OALabs] WinDbg Basics for Malware Analysis
- [5948Star][2m] [Java] google/android-classyshark Analyze any Android/Java based app or game
- [4872Star][7m] [Java] guardianproject/haven Haven is for people who need a way to protect their personal spaces and possessions without compromising their own privacy, through an Android app and on-device sensors
- [4752Star][7d] [C++] facebook/redex A bytecode optimizer for Android apps
- [3578Star][24d] [C++] anbox/anbox a container-based approach to boot a full Android system on a regular GNU/Linux system
- [1114Star][11d] [Java] huangyz0918/androidwm An android image watermark library that supports invisible digital watermarks (steganography).
- [873Star][2m] [C] 504ensicslabs/lime LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
- [537Star][27d] nordicsemiconductor/android-nrf-connect Documentation and issue tracker for nRF Connect for Android.
- [447Star][11m] [Kotlin] shadowsocks/kcptun-android kcptun for Android.
- [408Star][2m] [CSS] angea/pocorgtfo a "PoC or GTFO" mirror with extra article index, direct links and clean PDFs.
- [404Star][1y] [Java] testwhat/smaliex A wrapper to get de-optimized dex from odex/oat/vdex.
- [276Star][8m] [Py] micropyramid/forex-python Foreign exchange rates, Bitcoin price index and currency conversion using ratesapi.io
- [253Star][3m] [Py] amimo/dcc DCC (Dex-to-C Compiler) is method-based aot compiler that can translate DEX code to C code.
- [206Star][2m] [C] derrekr/fastboot3ds A homebrew bootloader for the Nintendo 3DS that is similar to android's fastboot.
- [14478Star][26d] [Java] tencent/tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
- [3431Star][13d] [Java] meituan-dianping/robust Robust is an Android HotFix solution with high compatibility and high stability. Robust can fix bugs immediately without a reboot.
- [1111Star][5m] [Java] manbanggroup/phantom 唯一零 Hook 稳定占坑类 Android 热更新插件化方案
- [5028Star][1m] [Java] meituan-dianping/walle Android Signature V2 Scheme签名下的新一代渠道包打包神器
- [12203Star][14d] [Java] signalapp/signal-android A private messenger for Android.
- [8597Star][26d] [Java] android-hacker/virtualxposed A simple app to use Xposed without root, unlock the bootloader or modify system image, etc.
- [2470Star][6m] taichi-framework/taichi A framework to use Xposed module with or without Root/Unlock bootloader, supportting Android 5.0 ~ 10.0
- [1963Star][27d] [Java] elderdrivers/edxposed Elder driver Xposed Framework.
- [1702Star][1y] [Java] ac-pm/inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
- [1593Star][26d] [Java] tiann/epic Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
- [1291Star][27d] [Java] android-hacker/exposed A library to use Xposed without root or recovery(or modify system image etc..).
- [782Star][7m] [Java] blankeer/mdwechat 一个能让微信 Material Design 化的 Xposed 模块
- [633Star][21d] [Java] ganyao114/sandhook Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat
- [475Star][2m] [Java] tornaco/x-apm 应用管理 Xposed
- [321Star][1y] [C] smartdone/dexdump 快速脱一代壳的xposed插件
- [302Star][12d] bigsinger/androididchanger Xposed Module for Changing Android Device Info
- [289Star][14d] [Java] ganyao114/sandvxposed Xposed environment without root (OS 5.0 - 10.0)
- [213Star][1y] [Kotlin] paphonb/androidp-ify [Xposed] Use features introduced in Android P on your O+ Device!
- [201Star][1y] [C] gtoad/android_inline_hook Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.
- [1757Star][7m] [C++] wrbug/dumpdex Android unpack
- [1438Star][3m] [C++] vaibhavpandeyvpz/apkstudio Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
- [807Star][3m] [C] strazzere/android-unpacker Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0
- [691Star][1m] [YARA] rednaga/apkid Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
- [356Star][2m] [Java] patrickfav/uber-apk-signer A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
- [313Star][5m] [Shell] 1n3/reverseapk Quickly analyze and reverse engineer Android packages
- [1468Star][3m] [C] iqiyi/xhook a PLT (Procedure Linkage Table) hook library for Android native ELF
- [1466Star][2m] [C++] jmpews/hookzz a hook framework for arm/arm64/ios/android, and [dev] branch is being refactored.
- [795Star][7m] [C++] aslody/whale Hook Framework for Android/IOS/Linux/MacOS
- [524Star][6m] [Java] aslody/andhook Android dynamic instrumentation framework
- [344Star][7m] [C] turing-technician/fasthook Android ART Hook
- [1474Star][1y] [C++] f1xpl/openauto AndroidAuto headunit emulator
- [518Star][7m] [Java] limboemu/limbo Limbo is a QEMU-based emulator for Android. It currently supports PC & ARM emulation for Intel x86 and ARM architecture. See our wiki
- Also In Section: VM->QEMU->Tools->RecentAdd |
- [466Star][3m] [Java] strazzere/anti-emulator Android Anti-Emulator
- [10738Star][17d] [Java] konloch/bytecode-viewer A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
- [6708Star][9m] [Java] amitshekhariitbhu/android-debug-database A library for debugging android databases and shared preferences - Make Debugging Great Again
- [422Star][4m] [Shell] ashishb/android-malware Collection of android malware samples
- [347Star][2m] [Java] droidefense/engine Droidefense: Advance Android Malware Analysis Framework
- [3059Star][1m] [Java] calebfenton/simplify Generic Android Deobfuscator
- [290Star][4m] [C] shadowsocks/simple-obfs-android A simple obfuscating tool for Android
- [9178Star][10d] [Java] ibotpeaches/apktool A tool for reverse engineering Android apk files
- [1967Star][26d] [Java] genymobile/gnirehtet Gnirehtet provides reverse tethering for Android
- [577Star][2m] [C++] secrary/andromeda Andromeda - Interactive Reverse Engineering Tool for Android Applications
- [437Star][7m] maddiestone/androidappre Android App Reverse Engineering Workshop
- [265Star][9m] [Dockerfile] cryptax/androidre Reverse engineering Android
- [244Star][7d] [C++] strazzere/android-scripts Collection of Android reverse engineering scripts
- Also In Section: IDA->Tools->Android |
- 2019.12 [aliyun_xz] Android智能终端系统的安全加固(上)
- 2019.11 [venus_seebug] Android勒索病毒分析(上)
- [10902Star][12d] [Objective-C] flipboard/flex An in-app debugging and exploration tool for iOS
- [7992Star][2m] [Py] facebook/chisel Chisel is a collection of LLDB commands to assist debugging iOS apps.
- [5764Star][3m] [Objective-C] square/ponydebugger Remote network and data debugging for your native iOS app using Chrome Developer Tools
- [4627Star][16d] [C] google/ios-webkit-debug-proxy A DevTools proxy (Chrome Remote Debugging Protocol) for iOS devices (Safari Remote Web Inspector).
- [4343Star][13d] [Swift] signalapp/signal-ios A private messenger for iOS.
- [3653Star][4m] [C] facebook/fishhook A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS.
- [3280Star][2m] [Swift] yagiz/bagel a little native network debugging tool for iOS
- [3202Star][4m] [Objective-C] naituw/ipapatch Patch iOS Apps, The Easy Way, Without Jailbreak.
- [2838Star][12d] [Objective-C] facebook/idb idb is a flexible command line interface for automating iOS simulators and devices
- [2731Star][22d] [Makefile] theos/theos A cross-platform suite of tools for building and deploying software for iOS and other platforms.
- [2683Star][4m] [Objective-C] dantheman827/ios-app-signer This is an app for OS X that can (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
- [2681Star][1m] [Objective-C] kjcracks/clutch Fast iOS executable dumper
- [2020Star][20d] [Objective-C] ios-control/ios-deploy Install and debug iPhone apps from the command line, without using Xcode
- [1774Star][1y] aozhimin/ios-monitor-platform
- [1676Star][28d] [Swift] pmusolino/wormholy iOS network debugging, like a wizard 🧙♂️
- [1574Star][22d] ivrodriguezca/re-ios-apps A completely free, open source and online course about Reverse Engineering iOS Applications.
- [1239Star][2m] michalmalik/osx-re-101 A collection of resources for OSX/iOS reverse engineering.
- [996Star][2m] [Objective-C] lmirosevic/gbdeviceinfo Detects the hardware, software and display of the current iOS or Mac OS X device at runtime.
- [815Star][7d] [JS] cypress-io/cypress-example-recipes Various recipes for testing common scenarios with Cypress
- [766Star][12d] [Shell] aqzt/kjyw 快捷运维,代号kjyw,项目基于shell、python,运维脚本工具库,收集各类运维常用工具脚本,实现快速安装nginx、mysql、php、redis、nagios、运维经常使用的脚本等等...
- [634Star][1y] [Swift] phynet/ios-url-schemes a github solution from my gist of iOS list for urls schemes
- [498Star][25d] [Swift] google/science-journal-ios Use the sensors in your mobile devices to perform science experiments. Science doesn’t just happen in the classroom or lab—tools like Science Journal let you see how the world works with just your phone.
- [468Star][8m] [C++] everettjf/machoexplorer [WIP] Explore MachO File on macOS and Windows
- [466Star][24d] pixelcyber/thor HTTP Sniffer/Capture on iOS for Network Debug & Inspect.
- [430Star][11m] captainarash/the_holy_book_of_x86 A simple guide to x86 architecture, assembly, memory management, paging, segmentation, SMM, BIOS....
- [380Star][11m] [C] coolstar/electra1131 Electra for iOS 11.0 - 11.3.1
- [337Star][2m] [C] trailofbits/cb-multios DARPA Challenges Sets for Linux, Windows, and macOS
- [305Star][7d] [Swift] securing/iossecuritysuite iOS platform security & anti-tampering Swift library
- [244Star][18d] [C++] s0uthwest/futurerestore iOS upgrade and downgrade tool utilizing SHSH blobs
- [238Star][6m] [JS] we11cheng/wcshadowrocket iOS Shadowrocket(砸壳重签,仅供参考,添加节点存在问题)。另一个fq项目potatso源码参见:
- [231Star][3m] [Swift] shadowsocksr-live/ishadowsocksr ShadowsocksR for iOS, come from
- [1388Star][14d] [Swift] johnno1962/injectioniii Re-write of Injection for Xcode in (mostly) Swift4
- [562Star][19d] [Objective-C] hdb-li/lldebugtool LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.
- [4015Star][3m] [JS] cuckoosandbox/cuckoo Cuckoo Sandbox is an automated dynamic malware analysis system
- [303Star][2m] [Py] hatching/vmcloak Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.
- [236Star][6m] [Py] cuckoosandbox/community Repository of modules and signatures contributed by the community
- [236Star][3m] [Py] brad-sp/cuckoo-modified Modified edition of cuckoo
- [222Star][1y] [PHP] cuckoosandbox/monitor The new Cuckoo Monitor.
- [218Star][3m] [Shell] blacktop/docker-cuckoo Cuckoo Sandbox Dockerfile
- 2019.10 [sectechno] Cuckoo Sandbox – Automated Malware Analysis Framework
- 2019.04 [eforensicsmag] How to Integrate RSA Malware Analysis with Cuckoo Sandbox | By Luiz Henrique Borges
- 2019.02 [thehive_project] Cortex-Analyzers 1.15.3 get ready for URLhaus and Cuckoo
- 2018.07 [360_anquanke_learning] 一例IRC Bot针对Cuckoo沙箱的猥琐对抗分析
- 2018.05 [trustedsec] Malware Analysis is for the (Cuckoo) Birds – Working with Proxmox
- 2018.05 [trustedsec] Protected: Malware Analysis is for the (Cuckoo) Birds
- 2018.05 [trustedsec] Protected: Malware Analysis is for the (Cuckoo) Birds – Cuckoo Installation Notes for Debian
- 2018.04 [ly0n] Automating malware analysis, cuckoo api + postfix
- 2018.04 [ly0n] Automating malware analysis, cuckoo api + postfix
- 2018.04 [rapid7] Threat Intel Book Club: The Cuckoo's Egg wrap-up
- 2018.04 [nviso] Painless Cuckoo Sandbox Installation
- 2018.03 [rapid7] Next Threat Intel Book Club 4/5: Recapping The Cuckoo’s Egg
- 2018.03 [ensurtec] Cuckoo Sandbox Setup Tutorial
- 2018.01 [fortinet] Prevalent Threats Targeting Cuckoo Sandbox Detection and Our Mitigation
- 2018.01 [fortinet] Prevalent Threats Targeting Cuckoo Sandbox Detection and Our Mitigation
- [1373Star][13d] [C] dynamorio/drmemory Memory Debugger for Windows, Linux, Mac, and Android
- [1212Star][10d] [C] dynamorio/dynamorio Dynamic Instrumentation Tool Platform
- [246Star][4m] [C] ampotos/dynstruct Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone
- 2019.10 [freebuf] DrSemu:基于动态行为的恶意软件检测与分类工具
- 2019.06 [freebuf] Functrace:使用DynamoRIO追踪函数调用
- 2019.01 [360_anquanke_learning] 深入浅出——基于DynamoRIO的strace和ltrace
- 2018.08 [n0where] Dynamic API Call Tracer for Windows and Linux Applications: Drltrace
- 2018.07 [topsec_adlab] 动态二进制修改(Dynamic Binary Instrumentation)入门:Pin、DynamoRIO、Frida
- 2018.07 [topsec_adlab] 动态二进制修改(Dynamic Binary Instrumentation)入门:Pin、DynamoRIO、Frida
- 2018.07 [topsec_adlab] 动态二进制修改(Dynamic Binary Instrumentation)入门:Pin、DynamoRIO、Frida
- 2018.07 [topsec_adlab] 动态二进制修改(Dynamic Binary Instrumentation)入门:Pin、DynamoRIO、Frida
- 2017.11 [youtube_SECConsult] The Art of Fuzzing - Demo 10: In-memory Fuzzing HashCalc using DynamoRio
- 2017.11 [youtube_SECConsult] The Art of Fuzzing - Demo 6: Extract Coverage Information using DynamoRio
- 2016.11 [360_anquanke_learning] “Selfie”:利用DynamoRIO实现自修改代码自动脱壳的神器
- 2016.09 [securitygossip] Practical Memory Checking With Dr. Memory
- 2016.09 [sjtu_gossip] Practical Memory Checking With Dr. Memory
- 2016.08 [n0where] Dynamic Instrumentation Tool Platform: DynamoRIO
- 2012.10 [redplait] building dynamorio
- 2011.06 [redplait] dynamorio
- [298Star][1m] [C] vusec/vuzzer depends heavily on a modeified version of DataTracker, which in turn depends on LibDFT pintool.
- [933Star][12m] [Py] gaasedelen/lighthouse Code Coverage Explorer for IDA Pro & Binary Ninja
- Also In Section: IDA->Tools->Debug->DBIData |DBI->Frida->Tools->WithOtherTools->IDA |DBI->Frida->Tools->WithOtherTools->BinaryNinja |
- coverage-frida 使用Frida收集信息
- coverage-pin 使用Pin收集覆盖信息
- 插件 支持IDA和BinNinja
- [4398Star][9d] [Makefile] frida/frida Clone this repo to build Frida
- [1150Star][24d] [JS] alonemonkey/frida-ios-dump pull decrypted ipa from jailbreak device
- [632Star][9d] [Py] igio90/dwarf Full featured multi arch/os debugger built on top of PyQt5 and frida
- [546Star][19d] [JS] nccgroup/house A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
- [478Star][12d] [JS] iddoeldor/frida-snippets Hand-crafted Frida examples
- [416Star][3m] [C] frida/frida-python Frida Python bindings
- [398Star][12m] [Py] dstmath/frida-unpack unpack script based on frida
- [316Star][16d] [C] frida/frida-core Frida core library intended for static linking into bindings
- [298Star][29d] [JS] chichou/bagbak Yet another frida based iOS dumpdecrypted
- [293Star][3m] [JS] smartdone/frida-scripts frida scripts
- [278Star][8m] [Py] nightbringer21/fridump A universal memory dumper using Frida
- [250Star][1y] [Py] igio90/frick aka the first debugger built on top of frida
- [228Star][8d] [JS] frenchyeti/dexcalibur Dynamic binary instrumentation tool designed for Android application and powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
- [227Star][14d] [C] frida/frida-gum Low-level code instrumentation library used by frida-core
- [570Star][1y] [Java] federicodotta/brida The new bridge between Burp Suite and Frida!
- [933Star][12m] [Py] gaasedelen/lighthouse Code Coverage Explorer for IDA Pro & Binary Ninja
- Also In Section: IDA->Tools->Debug->DBIData |DBI->IntelPin->Tools->WithOtherTools->NoCategory |DBI->Frida->Tools->WithOtherTools->BinaryNinja |
- coverage-frida 使用Frida收集信息
- coverage-pin 使用Pin收集覆盖信息
- 插件 支持IDA和BinNinja
- [933Star][12m] [Py] gaasedelen/lighthouse Code Coverage Explorer for IDA Pro & Binary Ninja
- Also In Section: IDA->Tools->Debug->DBIData |DBI->IntelPin->Tools->WithOtherTools->NoCategory |DBI->Frida->Tools->WithOtherTools->IDA |
- coverage-frida 使用Frida收集信息
- coverage-pin 使用Pin收集覆盖信息
- 插件 支持IDA和BinNinja
- [370Star][25d] [JS] nowsecure/r2frida Radare2 and Frida better together.
- Also In Section: Radare2->Plugins->WithOtherTools->NoCategory |
- 2019.07 [hackertor] Dwarf – Full Featured Multi Arch/Os Debugger Built On Top Of PyQt5 And Frida
- 2019.05 [nsfocus_blog] Frida应用基础及 APP https证书验证破解
- 2019.05 [nsfocus_blog] Frida应用基础及 APP https证书验证破解
- 2019.05 [nsfocus_blog] Frida应用基础及APP https证书验证破解
- 2019.05 [CodeColorist] Trace child process with frida on macOS
- 2019.05 [360_anquanke_learning] FRIDA脚本系列(四)更新篇:几个主要机制的大更新
- 2019.03 [360_anquanke_learning] FRIDA脚本系列(三)超神篇:百度AI“调教”抖音AI
- 2019.03 [securityinnovation_blog] Setting up Frida Without Jailbreak on the Latest iOS 12.1.4 Device
- 2019.02 [nowsecure_blog] Frida 12.3 Debuts New Crash Reporting Feature
- 2019.01 [fuzzysecurity_tutorials] Application Introspection & Hooking With Frida
- 2019.01 [fuping] 安卓APP测试之HOOK大法-Frida篇
- 2019.01 [360_anquanke_learning] FRIDA脚本系列(二)成长篇:动静态结合逆向WhatsApp
- 2019.01 [pediy_new_digest] [原创]介召几个frida在安卓逆向中使用的脚本以及延时Hook手法
- 2018.12 [360_anquanke_learning] FRIDA脚本系列(一)入门篇:在安卓8.1上dump蓝牙接口和实例
- 2018.12 [pediy_new_digest] [原创]CVE-2017-4901 VMware虚拟机逃逸漏洞分析【Frida Windows实例】
- 2018.12 [freebuf] 一篇文章带你领悟Frida的精髓(基于安卓8.1)
- 2018.12 [pediy_new_digest] [原创] Frida操作手册-Android环境准备
- 2018.11 [4hou] 使用FRIDA为Android应用进行脱壳的操作指南
- 2018.11 [pediy_new_digest] [原创]Frida Bypass Android SSL pinning example 1
- 2018.11 [freebuf] Frida-Wshook:一款基于Frida.re的脚本分析工具
- [19651Star][2m] [Jupyter Notebook] camdavidsonpilon/probabilistic-programming-and-bayesian-methods-for-hackers aka "Bayesian Methods for Hackers": An introduction to Bayesian methods + probabilistic programming with a computation/understanding-first, mathematics-second point of view. All in pure Python ;)
- [13183Star][26d] [Py] corentinj/real-time-voice-cloning Clone a voice in 5 seconds to generate arbitrary speech in real-time
- [11174Star][7d] [Java] oracle/graal Run Programs Faster Anywhere
- [11106Star][2m] [Jupyter Notebook] selfteaching/the-craft-of-selfteaching One has no future if one couldn't teach themself.
- [10107Star][8d] [Go] goharbor/harbor An open source trusted cloud native registry project that stores, signs, and scans content.
- [7685Star][7d] [Go] git-lfs/git-lfs Git extension for versioning large files
- [6954Star][13d] [Go] nats-io/nats-server High-Performance server for NATS, the cloud native messaging system.
- [6844Star][2m] [Go] sqshq/sampler A tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.
- [6440Star][9m] [HTML] open-power-workgroup/hospital OpenPower工作组收集汇总的医院开放数据
- [6284Star][27d] [Py] seatgeek/fuzzywuzzy Fuzzy String Matching in Python
- [5870Star][6m] [JS] haotian-wang/google-access-helper 谷歌访问助手破解版
- [5845Star][2m] [Gnuplot] nasa-jpl/open-source-rover A build-it-yourself, 6-wheel rover based on the rovers on Mars!
- [5811Star][7m] [JS] sindresorhus/fkill-cli Fabulously kill processes. Cross-platform.
- [5715Star][8m] [C] xoreaxeaxeax/movfuscator The single instruction C compiler
- [5674Star][22d] [JS] swagger-api/swagger-editor Swagger Editor
- [5653Star][16d] [Go] casbin/casbin An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
- [5317Star][7d] [Py] mlflow/mlflow Open source platform for the machine learning lifecycle
- [5163Star][3m] [Py] ytisf/thezoo A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
- [4990Star][1m] [Py] snare/voltron A hacky debugger UI for hackers
- [4928Star][13d] [ASP] hq450/fancyss fancyss is a project providing tools to across the GFW on asuswrt/merlin based router.
- [4868Star][9d] [Shell] denisidoro/navi An interactive cheatsheet tool for the command-line
- [4838Star][10d] [Go] gcla/termshark A terminal UI for tshark, inspired by Wireshark
- [4793Star][8m] [Py] 10se1ucgo/disablewintracking Uses some known methods that attempt to minimize tracking in Windows 10
- [4710Star][8d] [C++] paddlepaddle/paddle-lite Multi-platform high performance deep learning inference engine (『飞桨』多平台高性能深度学习预测引擎)
- [4630Star][6m] powershell/win32-openssh Win32 port of OpenSSH
- [4575Star][11m] [Py] ecthros/uncaptcha2 defeating the latest version of ReCaptcha with 91% accuracy
- [4551Star][1y] [C] upx/upx UPX - the Ultimate Packer for eXecutables
- [4549Star][8d] [C++] mozilla/rr Record and Replay Framework
- [4485Star][18d] [TypeScript] apis-guru/graphql-voyager
- [4339Star][12m] [Py] lennylxx/ipv6-hosts Fork of
- [4256Star][11m] [JS] butterproject/butter-desktop All the free parts of Popcorn Time
- [4243Star][9d] [Rust] timvisee/ffsend Easily and securely share files from the command line
- [4039Star][1m] [JS] sigalor/whatsapp-web-reveng Reverse engineering WhatsApp Web.
- [4023Star][2m] [Java] jesusfreke/smali smali/baksmali
- [3936Star][13d] [Go] dexidp/dex OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors
- [3916Star][7d] [Py] angr/angr A powerful and user-friendly binary analysis platform!
- [3908Star][14d] [Rust] svenstaro/genact a nonsense activity generator
- [3907Star][1m] [C] aquynh/capstone Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
- [3876Star][7d] [C++] baldurk/renderdoc RenderDoc is a stand-alone graphics debugging tool.
- [3841Star][8m] [Go] eranyanay/1m-go-websockets handling 1M websockets connections in Go
- [3832Star][2m] [Objective-C] sveinbjornt/sloth Mac app that shows all open files, directories and sockets in use by all running processes. Nice GUI for lsof.
- [3749Star][2m] [Go] microsoft/ethr Ethr is a Network Performance Measurement Tool for TCP, UDP & HTTP.
- [3731Star][13d] [Go] hashicorp/consul-template Template rendering, notifier, and supervisor for
- [3681Star][11d] jjqqkk/chromium Chromium browser with SSL VPN. Use this browser to unblock websites.
- [3675Star][8d] [HTML] hamukazu/lets-get-arrested This project is intended to protest against the police in Japan
- [3647Star][8d] [JS] lesspass/lesspass
- [3612Star][17d] [HTML] consensys/smart-contract-best-practices A guide to smart contract security best practices
- [3538Star][4m] [Shell] chengr28/revokechinacerts Revoke Chinese certificates.
- [3525Star][8d] [Pascal] cheat-engine/cheat-engine Cheat Engine. A development environment focused on modding
- [3464Star][15d] [C] cyan4973/xxhash Extremely fast non-cryptographic hash algorithm
- [3269Star][27d] [C] microsoft/windows-driver-samples This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.
- [3266Star][12d] [C] virustotal/yara The pattern matching swiss knife
- [3255Star][7d] [C] mikebrady/shairport-sync AirPlay audio player. Shairport Sync adds multi-room capability with Audio Synchronisation
- [3234Star][8d] [Java] oldmanpushcart/greys-anatomy Java诊断工具
- [3215Star][27d] [JS] koenkk/zigbee2mqtt Zigbee
- [3210Star][1m] [TypeScript] google/incremental-dom An in-place DOM diffing library
- [3210Star][11d] [C] tmate-io/tmate Instant Terminal Sharing
- [3205Star][2m] [Shell] gfw-breaker/ssr-accounts 一键部署Shadowsocks服务;免费Shadowsocks账号分享;免费SS账号分享; 翻墙;无界,自由门,SquirrelVPN
- [3145Star][1y] [Shell] toyodadoubi/doubi 一个逗比写的各种逗比脚本~
- [3120Star][10d] [C] meetecho/janus-gateway Janus WebRTC Server
- [3113Star][28d] [CSS] readthedocs/sphinx_rtd_theme Sphinx theme for readthedocs.org
- [3106Star][7d] [C] qemu/qemu Official QEMU mirror. Please see
- [3065Star][9d] [Go] tencent/bk-cmdb 蓝鲸智云配置平台(BlueKing CMDB)
- [3062Star][1y] [Swift] zhuhaow/spechtlite A rule-based proxy for macOS
- [3061Star][20d] [C] unicorn-engine/unicorn Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, X86)
- [3046Star][4m] [C++] google/robotstxt The repository contains Google's robots.txt parser and matcher as a C++ library (compliant to C++11).
- [2991Star][1y] [PHP] owner888/phpspider 《我用爬虫一天时间“偷了”知乎一百万用户,只为证明PHP是世界上最好的语言 》所使用的程序
- [2962Star][14d] [Objective-C] google/santa A binary whitelisting/blacklisting system for macOS
- [2962Star][8d] [Py] quantaxis/quantaxis QUANTAXIS 支持任务调度 分布式部署的 股票/期货/自定义市场 数据/回测/模拟/交易/可视化 纯本地PAAS量化解决方案
- [2895Star][10d] [C] libfuse/sshfs A network filesystem client to connect to SSH servers
- [2876Star][7m] [C] p-h-c/phc-winner-argon2 The password hash Argon2, winner of PHC
- [2850Star][8d] [C] lxc/lxc LXC - Linux Containers
- [2840Star][5m] [Py] instantbox/instantbox Get a clean, ready-to-go Linux box in seconds.
- [2825Star][15d] [Py] espressif/esptool ESP8266 and ESP32 serial bootloader utility
- [2820Star][1m] [Assembly] cirosantilli/x86-bare-metal-examples Dozens of minimal operating systems to learn x86 system programming. Tested on Ubuntu 17.10 host in QEMU 2.10 and real hardware. Userland cheat at:
- [2802Star][9m] [Py] plasma-disassembler/plasma Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
- [2763Star][1m] [JS] trufflesuite/ganache-cli Fast Ethereum RPC client for testing and development
- [2755Star][7d] [C++] qtox/qtox qTox is a chat, voice, video, and file transfer IM client using the encrypted peer-to-peer Tox protocol.
- [2746Star][8d] [C] processhacker/processhacker A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
- [2735Star][7d] [TypeScript] webhintio/hint
- [2648Star][3m] [Py] drivendata/cookiecutter-data-science A logical, reasonably standardized, but flexible project structure for doing and sharing data science work.
- [2619Star][8m] leandromoreira/linux-network-performance-parameters Learn where some of the network sysctl variables fit into the Linux/Kernel network flow
- [2610Star][2m] [Swift] zhuhaow/nekit A toolkit for Network Extension Framework
- [2600Star][21d] [JS] knownsec/kcon KCon is a famous Hacker Con powered by Knownsec Team.
- [2598Star][8d] [JS] popcorn-official/popcorn-desktop Popcorn Time is a multi-platform, free software BitTorrent client that includes an integrated media player. Desktop ( Windows / Mac / Linux ) a Butter-Project Fork
- [2588Star][1m] pditommaso/awesome-pipeline A curated list of awesome pipeline toolkits inspired by Awesome Sysadmin
- [2555Star][1m] [C] esnet/iperf A TCP, UDP, and SCTP network bandwidth measurement tool
- [2495Star][2m] [Java] jboss-javassist/javassist Java bytecode engineering toolkit
- [2480Star][8d] [Go] adguardteam/adguardhome Network-wide ads & trackers blocking DNS server
- [2472Star][11m] [JS] weixin/miaow A set of plugins for Sketch include drawing links & marks, UI Kit & Color sync, font & text replacing.
- [2463Star][13d] [JS] vitaly-t/pg-promise PostgreSQL interface for Node.js
- [2366Star][7d] [Java] mock-server/mockserver MockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and…
- [2351Star][8d] [C] domoticz/domoticz monitor and configure various devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more
- [2342Star][3m] [Go] vuvuzela/vuvuzela Private messaging system that hides metadata
- [2330Star][1m] [JS] pa11y/pa11y Pa11y is your automated accessibility testing pal
- [2317Star][10d] [C] tsl0922/ttyd Share your terminal over the web
- [2272Star][1m] [C] moby/hyperkit A toolkit for embedding hypervisor capabilities in your application
- [2271Star][22d] [JS] talkingdata/inmap 大数据地理可视化
- [2246Star][16d] dumb-password-rules/dumb-password-rules Shaming sites with dumb password rules.
- [2201Star][11d] [Go] google/mtail extract whitebox monitoring data from application logs for collection in a timeseries database
- [2187Star][21d] [C++] google/bloaty Bloaty McBloatface: a size profiler for binaries
- [2171Star][14d] [C] armmbed/mbedtls An open source, portable, easy to use, readable and flexible SSL library
- [2168Star][16d] getlantern/lantern-binaries Lantern installers binary downloads.
- [2123Star][16d] [Assembly] pret/pokered disassembly of Pokémon Red/Blue
- [2105Star][7d] goq/telegram-list List of telegram groups, channels & bots // Список интересных групп, каналов и ботов телеграма // Список чатов для программистов
- [2081Star][8d] [C] flatpak/flatpak Linux application sandboxing and distribution framework
- [2071Star][30d] [Go] theupdateframework/notary Notary is a project that allows anyone to have trust over arbitrary collections of data
- [2047Star][6m] [Go] maxmcd/webtty Share a terminal session over WebRTC
- [2032Star][7d] [C++] openthread/openthread OpenThread released by Google is an open-source implementation of the Thread networking protocol
- [2006Star][9m] [C] dekunukem/nintendo_switch_reverse_engineering A look at inner workings of Joycon and Nintendo Switch
- [1992Star][25d] [Swift] github/softu2f Software U2F authenticator for macOS
- [1990Star][4m] swiftonsecurity/sysmon-config Sysmon configuration file template with default high-quality event tracing
- [1983Star][2m] [C++] asmjit/asmjit Complete x86/x64 JIT and AOT Assembler for C++
- [1958Star][26d] [C#] mathewsachin/captura Capture Screen, Audio, Cursor, Mouse Clicks and Keystrokes
- [1939Star][2m] [C] microsoft/procdump-for-linux A Linux version of the ProcDump Sysinternals tool
- [1902Star][7d] [Go] solo-io/gloo An Envoy-Powered API Gateway
- [1901Star][3m] [Go] minishift/minishift Run OpenShift 3.x locally
- [1880Star][14d] [C++] mhammond/pywin32 Python for Windows (pywin32) Extensions
- [1861Star][4m] [Java] adoptopenjdk/jitwatch Log analyser / visualiser for Java HotSpot JIT compiler. Inspect inlining decisions, hot methods, bytecode, and assembly. View results in the JavaFX user interface.
- [1849Star][11m] [C++] googlecreativelab/open-nsynth-super Open NSynth Super is an experimental physical interface for the NSynth algorithm
- [1848Star][29d] [C] github/glb-director GitHub Load Balancer Director and supporting tooling.
- [1846Star][8m] [Py] netflix-skunkworks/stethoscope Personalized, user-focused recommendations for employee information security.
- [1841Star][2m] [C] retroplasma/earth-reverse-engineering Reversing Google's 3D satellite mode
- [1841Star][13d] [C++] acidanthera/lilu Arbitrary kext and process patching on macOS
- [1835Star][1y] [Java] yeriomin/yalpstore Download apks from Google Play Store
- [1830Star][7d] [C++] pytorch/glow Compiler for Neural Network hardware accelerators
- [1829Star][1y] [Py] jinnlynn/genpac PAC/Dnsmasq/Wingy file Generator, working with gfwlist, support custom rules.
- [1827Star][2m] [Go] influxdata/kapacitor Open source framework for processing, monitoring, and alerting on time series data
- [1819Star][13d] [Py] trailofbits/manticore Symbolic execution tool
- [1788Star][28d] [Go] gdamore/tcell Tcell is an alternate terminal package, similar in some ways to termbox, but better in others.
- [1777Star][18d] [PHP] ezyang/htmlpurifier Standards compliant HTML filter written in PHP
- [1776Star][13d] [C++] apitrace/apitrace Tools for tracing OpenGL, Direct3D, and other graphics APIs
- [1759Star][12d] [C] google/wuffs Wrangling Untrusted File Formats Safely
- [1747Star][8d] 17mon/china_ip_list
- [1743Star][12m] [JS] puppeteer/examples Use case-driven examples for using Puppeteer and headless chrome
- [1740Star][8d] [PHP] wordpress/wordpress-coding-standards PHP_CodeSniffer rules (sniffs) to enforce WordPress coding conventions
- [1694Star][14d] [Go] hashicorp/memberlist Golang package for gossip based membership and failure detection
- [1693Star][3m] [Py] anorov/cloudflare-scrape A Python module to bypass Cloudflare's anti-bot page.
- [1693Star][7d] [TSQL] brentozarultd/sql-server-first-responder-kit sp_Blitz, sp_BlitzCache, sp_BlitzFirst, sp_BlitzIndex, and other SQL Server scripts for health checks and performance tuning.
- [1665Star][6m] [C++] microsoft/detours Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
- [1659Star][7d] [Java] apache/geode Apache Geode
- [1655Star][6m] [C] easyhook/easyhook The reinvention of Windows API Hooking
- [1654Star][3m] [JS] tylerbrock/mongo-hacker MongoDB Shell Enhancements for Hackers
- [1647Star][3m] [Py] boppreh/keyboard Hook and simulate global keyboard events on Windows and Linux.
- [1627Star][9d] sarojaba/awesome-devblog 어썸데브블로그. 국내 개발 블로그 모음(only 실명으로).
- [1620Star][14d] [JS] efforg/privacybadger Privacy Badger is a browser extension that automatically learns to block invisible trackers.
- [1600Star][8d] [C++] lief-project/lief Library to Instrument Executable Formats
- [1599Star][9m] [JS] localtunnel/server server for localtunnel.me
- [1580Star][1y] [C] qihoo360/phptrace A tracing and troubleshooting tool for PHP scripts.
- [1577Star][1m] [Objective-C] ealeksandrov/provisionql Quick Look plugin for apps and provisioning profile files
- [1563Star][12d] [C] codahale/bcrypt-ruby Ruby binding for the OpenBSD bcrypt() password hashing algorithm, allowing you to easily store a secure hash of your users' passwords.
- [1562Star][17d] [C] p-gen/smenu Terminal utility that reads words from standard input or from a file and creates an interactive selection window just below the cursor. The selected word(s) are sent to standard output for further processing.
- [1560Star][14d] [Java] gchq/gaffer A large-scale entity and relation database supporting aggregation of properties
- [960Star][7m] [PHP] jenssegers/optimus id transformation With this library, you can transform your internal id's to obfuscated integers based on Knuth's integer has和
- [906Star][7m] [C++] dfhack/dfhack Memory hacking library for Dwarf Fortress and a set of tools that use it
- [891Star][11m] [JS] levskaya/jslinux-deobfuscated An old version of Mr. Bellard's JSLinux rewritten to be human readable, hand deobfuscated and annotated.
- [698Star][1y] [Jupyter Notebook] anishathalye/obfuscated-gradients Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples
- [656Star][1y] [Rust] endgameinc/xori Xori is an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode
- [653Star][9m] [Jupyter Notebook] supercowpowers/data_hacking Data Hacking Project
- [626Star][13d] [PowerShell] olafhartong/sysmon-modular A repository of sysmon configuration modules
- [576Star][5m] nshalabi/sysmontools Utilities for Sysmon
- [566Star][10m] [JS] raineorshine/solgraph Visualize Solidity control flow for smart contract security analysis.
- [520Star][28d] mhaggis/sysmon-dfir Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
- [519Star][4m] [Java] java-deobfuscator/deobfuscator The real deal
- [502Star][8m] [JS] mindedsecurity/jstillery Advanced JavaScript Deobfuscation via Partial Evaluation
- [472Star][1y] ksluckow/awesome-symbolic-execution A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.
- [444Star][11m] [C++] ntquery/scylla Imports Reconstructor
- [443Star][11m] [Batchfile] ion-storm/sysmon-config Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
- [405Star][2m] [Go] retroplasma/flyover-reverse-engineering Reversing Apple's 3D satellite mode
- [403Star][17d] [Py] crytic/slither Static Analyzer for Solidity
- [382Star][1y] [HTML] maestron/reverse-engineering-tutorials Reverse Engineering Tutorials
- [342Star][12m] [Ruby] calebfenton/dex-oracle A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
- [303Star][1m] [C] nagyd/sdlpop An open-source port of Prince of Persia, based on the disassembly of the DOS version.
- [302Star][14d] [Py] baderj/domain_generation_algorithms Some results of my DGA reversing efforts
- [281Star][7d] [C] tomb5/tomb5 Chronicles Disassembly translated to C source code.
- [264Star][2m] [Assembly] pret/pokeyellow Disassembly of Pokemon Yellow
- [236Star][4m] [JS] consensys/surya A set of utilities for exploring Solidity contracts
- [210Star][11m] [Java] neo23x0/fnord Pattern Extractor for Obfuscated Code
- [526Star][7d] [Py] angr/angr-doc Documentation for the angr suite
- [1430Star][7d] [Go] google/gapid Graphics API Debugger
- [1410Star][8d] [Go] cosmos72/gomacro Interactive Go interpreter and debugger with REPL, Eval, generics and Lisp-like macros
- [1402Star][7d] [C++] eteran/edb-debugger edb is a cross platform AArch32/x86/x86-64 debugger.
- [1262Star][3m] [Go] solo-io/squash The debugger for microservices
- [1142Star][4m] [C++] cgdb/cgdb Console front-end to the GNU debugger
- [1110Star][18d] [C] blacksphere/blackmagic In application debugger for ARM Cortex microcontrollers.
- [868Star][5m] [Py] derekselander/lldb A collection of LLDB aliases/regexes and Python scripts to aid in your debugging sessions
- [822Star][7d] [C++] tasvideos/bizhawk BizHawk is a multi-system emulator written in C#. BizHawk provides nice features for casual gamers such as full screen, and joypad support in addition to full rerecording and debugging tools for all system cores.
- [557Star][1m] [C#] microsoft/miengine The Visual Studio MI Debug Engine ("MIEngine") provides an open-source Visual Studio Debugger extension that works with MI-enabled debuggers such as gdb, lldb, and clrdbg.
- [519Star][1y] [C] wubingzheng/memleax debugs memory leak of running process. Not maintained anymore, try
libleak
please. - [460Star][4m] [C++] emoon/prodbg Debugging the way it's meant to be done
- [415Star][2m] [C++] simonkagstrom/kcov Code coverage tool for compiled programs, Python and Bash which uses debugging information to collect and report data without special compilation options
- [399Star][3m] [C++] cobaltfusion/debugviewpp DebugView++, collects, views, filters your application logs, and highlights information that is important to you!
- [336Star][20d] [Py] pdbpp/pdbpp pdb++, a drop-in replacement for pdb (the Python debugger)
- [331Star][8m] [Py] romanvm/python-web-pdb Web-based remote UI for Python's PDB debugger
- [306Star][25d] [Java] widdix/aws-s3-virusscan Free Antivirus for S3 Buckets
- [287Star][2m] [Py] sosreport/sos A unified tool for collecting system logs and other debug information
- [279Star][1m] [C++] changeofpace/viviennevmm VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.
- [269Star][3m] [Py] mariovilas/winappdbg WinAppDbg Debugger
- [267Star][11m] [Py] ionelmc/python-manhole Debugging manhole for python applications.
- [248Star][1m] [Py] quantopian/qdb Quantopian Remote Debugger for Python
- [239Star][5m] [C++] facebook/ds2 Debug server for lldb.
- [239Star][7m] [Py] beeware/bugjar A interactive graphical debugger for Python code.
- [232Star][7m] [C++] strivexjun/xantidebug VMProtect 3.x Anti-debug Method Improved
- [231Star][2m] [Py] gilligan/vim-lldb lldb debugger integration plugin for vim
- [220Star][8m] letoram/senseye Dynamic Visual Debugging / Reverse Engineering Toolsuite
- [215Star][25d] [Py] nteseyes/pylane An python vm injector with debug tools, based on gdb.
- [210Star][8d] [C++] thalium/icebox Virtual Machine Introspection, Tracing & Debugging
- [207Star][2m] [C] joyent/mdb_v8 postmortem debugging for Node.js and other V8-based programs
- [200Star][5m] [C++] rainers/cv2pdb converter of DMD CodeView/DWARF debug information to PDB files
- [378Star][1m] [C++] google/binexport Export disassemblies into Protocol Buffers and to BinNavi databases
- Also In Section: IDA->Tools->ImportExport->BinNavi |
- [20619Star][9d] [Java] skylot/jadx Dex to Java decompiler
- [7628Star][22d] [Java] java-decompiler/jd-gui A standalone Java Decompiler GUI
- [3091Star][1m] [Java] deathmarine/luyten An Open Source Java Decompiler Gui for Procyon
- [1842Star][1y] [Java] jindrapetrik/jpexs-decompiler JPEXS Free Flash Decompiler
- [1636Star][11m] [Java] fesh0r/fernflower Unofficial mirror of FernFlower Java decompiler (All pulls should be submitted upstream)
- [1428Star][7d] [Py] rocky/python-uncompyle6 A cross-version Python bytecode decompiler
- [1075Star][3m] [Py] storyyeller/krakatau Java decompiler, assembler, and disassembler
- [762Star][11m] [C++] comaeio/porosity UNMAINTAINED Decompiler and Security Analysis tool for Blockchain-based Ethereum Smart-Contracts
- [669Star][7d] [C#] uxmal/reko Reko is a binary decompiler.
- [663Star][10m] [C++] zrax/pycdc C++ python bytecode disassembler and decompiler
- [534Star][5m] [Java] java-decompiler/jd-eclipse A Java Decompiler Eclipse plugin
- [340Star][1m] [C#] steamdatabase/valveresourceformat Valve's Source 2 resource file format (also known as Stupid Valve Format) parser and decompiler.
- [319Star][25d] [C++] silverf0x/rpcview RpcView is a free tool to explore and decompile Microsoft RPC interfaces
- [309Star][11d] [Java] leibnitz27/cfr This is the public repository for the CFR Java decompiler
- [271Star][7m] [Shell] venshine/decompile-apk auto decompile function for produce Java source code and resources from Android Apk files that displayed on GUI.
- [239Star][2m] [Java] kwart/jd-cmd Command line Java Decompiler
- [238Star][1m] [Java] ata4/bspsrc A Source engine map decompiler
- [229Star][14d] [C#] icsharpcode/avaloniailspy Avalonia-based .NET Decompiler (port of ILSpy)
- [228Star][1y] [C++] wwwg/wasmdec WebAssembly to C decompiler
- [223Star][24d] [C++] boomerangdecompiler/boomerang Boomerang Decompiler - Fighting the code-rot :)
- [1363Star][29d] [C] zyantific/zydis Fast and lightweight x86/x86-64 disassembler library
- [1347Star][11m] [Rust] das-labor/panopticon A libre cross-platform disassembler.
- [874Star][10m] [C++] wisk/medusa An open source interactive disassembler
- [823Star][2m] [C++] redasmorg/redasm The OpenSource Disassembler
- [819Star][7d] [GLSL] khronosgroup/spirv-cross a practical tool and library for performing reflection on SPIR-V and disassembling SPIR-V back to high level languages.
- [621Star][3m] [C] gdabah/distorm Powerful Disassembler Library For x86/AMD64
- [427Star][26d] [C#] 0xd4d/iced x86/x64 disassembler, instruction decoder & encoder
- [348Star][21d] [Ruby] jjyg/metasm This is the main repository for metasm, a free assembler / disassembler / compiler written in ruby
- [244Star][4m] [Py] bontchev/pcodedmp A VBA p-code disassembler
- [6968Star][2m] [JS] cs01/gdbgui Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will open in your browser.
- [6002Star][11d] [Py] cyrus-and/gdb-dashboard Modular visual interface for GDB in Python
- [1343Star][3m] [Go] hellogcc/100-gdb-tips A collection of gdb tips. 100 maybe just mean many here.
- [448Star][2m] [Py] scwuaptx/pwngdb gdb for pwn
- [231Star][26d] [JS] bet4it/hyperpwn A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda
- [1544Star][3m] [PHP] mewebstudio/captcha Captcha for Laravel 5 & 6
- [623Star][24d] [Ruby] markets/invisible_captcha Simple and flexible spam protection solution for Rails applications.
- [11490Star][7d] [C] radareorg/radare2 unix-like reverse engineering framework and commandline tools
- [407Star][5m] [Py] itayc0hen/a-journey-into-radare2 A series of tutorials about radare2 framework from
- [329Star][11d] [TeX] radareorg/radare2book r1 book transcription to r2
- [257Star][3m] [Rust] radareorg/radeco radare2-based decompiler and symbol executor
- [256Star][19d] [C] radareorg/r2dec-js radare2 plugin - converts asm to pseudo-C code.
- [204Star][2m] [PowerShell] wiredpulse/posh-r2 PowerShell - Rapid Response... For the incident responder in you!
- [370Star][25d] [JS] nowsecure/r2frida Radare2 and Frida better together.
- Also In Section: DBI->Frida->Tools->WithOtherTools->Radare2 |
- [5850Star][8d] [C++] radareorg/cutter Reverse Engineering Platform powered by radare2
- 2019.10 [prsecurity_] Radare2 for RE CTF
- 2019.09 [securityartwork] YaraRET (I): Carving with Radare2 & Yara
- 2019.07 [freebuf] 教你使用Cutter和Radare2对APT32恶意程序流程图进行反混淆处理
- 2019.07 [youtube_THER_SECURITY_LAB] 0x0D - FLARE-On #3 Challenge Part 2 [Reversing with Radare2]
- 2019.07 [youtube_THER_SECURITY_LAB] 0x0C - Cutter: FLARE-On #3 Challenge Part 1 [Reversing with Radare2]
- 2019.07 [youtube_THER_SECURITY_LAB] 0x09 Cross References [Reversing with Radare2]
- 2019.07 [youtube_THER_SECURITY_LAB] 0x08 Navigation [Reversing with Radare2]
- 2019.07 [youtube_THER_SECURITY_LAB] 0x04 Target Application [Reversing with Radare2]
- 2019.06 [youtube_THER_SECURITY_LAB] 0x03 Environment Setup [Reversing with Radare2]
- 2019.06 [youtube_THER_SECURITY_LAB] 0x02 What is Radare2 [Reversing with Radare2]
- 2019.06 [youtube_THER_SECURITY_LAB] 0x00 Intro [Reversing with Radare2]
- 2019.06 [youtube_hitbsecconf] #HITB2019AMS D1T3 - Overcoming Fear: Reversing With Radare2 - Arnau Gamez Montolio
- 2019.05 [X0x0FFB347] Solving MalwareTech Shellcode challenges with some radare2 magic!
- 2019.05 [360_anquanke_learning] 使用Cutter和Radare2对APT32恶意程序流程图进行反混淆处理
- 2019.04 [X0x0FFB347] Solving MalwareTech String Challenges With Some Radare2 Magic!
- 2019.04 [radare] Radare2 Summer of Code 2019 Selection Results
- 2019.04 [radare] Radare2 Summer of Code 2019 Selection Results
- 2019.03 [sans_edu_diaryarchive] Binary Analysis with Jupyter and Radare2
- 2019.02 [freebuf] Radare2:一款类Unix命令行逆向安全框架
- 2019.02 [radare] Radare2 Community Survey Results
- [2787Star][17d] [Py] androguard/androguard Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)
- [320Star][10d] [Py] vector35/binaryninja-api Public API, examples, documentation and issues for Binary Ninja
- [279Star][2m] [Py] pbiernat/ripr Package Binary Code as a Python class using Binary Ninja and Unicorn Engine
- 2018.09 [aliyun_xz] 使用Binary Ninja调试共享库
- 2018.09 [kudelskisecurity] Analyzing ARM Cortex-based MCU firmwares using Binary Ninja
- 2018.04 [trailofbits] Vulnerability Modeling with Binary Ninja
- 2018.01 [pediy_new_digest] [翻译]逆向平台Binary Ninja介绍
- 2017.11 [_0xec] bnpy - A python architecture plugin for Binary Ninja
- 2017.10 [ret2] Untangling Exotic Architectures with Binary Ninja
- 2017.10 [chokepoint] Pin Visual Coverage Tool for Binary Ninja
- [518Star][7m] [Java] limboemu/limbo Limbo is a QEMU-based emulator for Android. It currently supports PC & ARM emulation for Intel x86 and ARM architecture. See our wiki
- Also In Section: Android->Tools->Emulator |
- [273Star][19d] [C] beckus/qemu_stm32 QEMU with an STM32 microcontroller implementation
- [242Star][10m] [C++] revng/revng the core repository of the rev.ng project (mirror)
- [940Star][2m] [C] basil00/divert Windows Packet Divert
- [840Star][21d] [C++] henrypp/simplewall Simple tool to configure Windows Filtering Platform (WFP) which can configure network activity on your computer.
- [712Star][1m] [Py] diyan/pywinrm Python library for Windows Remote Management (WinRM)
- [556Star][11d] [C] hfiref0x/winobjex64 Windows Object Explorer 64-bit
- [462Star][7m] [C#] microsoft/dbgshell A PowerShell front-end for the Windows debugger engine.
- [411Star][9d] [C] samba-team/samba he standard Windows interoperability suite of programs for Linux and Unix
- [381Star][1m] [C#] microsoft/binskim A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
- [379Star][1m] [Jupyter Notebook] microsoft/windowsdefenderatp-hunting-queries Sample queries for Advanced hunting in Microsoft Defender ATP
- [367Star][1m] [Ruby] winrb/winrm Ruby library for Windows Remote Management
- [364Star][1y] [PowerShell] netspi/pesecurity PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
- [349Star][8d] [C#] digitalruby/ipban Monitors failed logins and bad behavior and bans ip addresses on Windows and Linux. Highly configurable, lean and powerful.
- [264Star][11m] [Py] hakril/pythonforwindows A codebase aimed to make interaction with Windows and native execution easier
- [233Star][4m] [PowerShell] microsoft/aaronlocker Robust and practical application whitelisting for Windows
- [232Star][9m] [Go] masterzen/winrm Command-line tool and library for Windows remote command execution in Go
- [230Star][12m] [C++] ionescu007/simpleator Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
- [228Star][4m] [C] tishion/mmloader A library for loading dll module bypassing windows PE loader from memory (x86/x64)
- [220Star][12m] [C++] rexdf/commandtrayhost A command line program monitor systray for Windows
- [211Star][2m] [C] leecher1337/ntvdmx64 Run Microsoft Windows NTVDM (DOS) on 64bit Editions
- [209Star][2m] adguardteam/adguardforwindows AdGuard for Windows open bug tracker
- [205Star][2m] [C] jasonwhite/ducible A tool to make Windows builds reproducible.
- [201Star][10m] [C] hzqst/unicorn_pe Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.
- [1207Star][8d] [JS] jpcertcc/logontracer Investigate malicious Windows logon by visualizing and analyzing Windows event log
- [526Star][14d] [PowerShell] sbousseaden/evtx-attack-samples windows events samples associated to specific attack and post-exploitation techniques
- [502Star][9m] [C#] lowleveldesign/wtrace Command line tracing tool for Windows, based on ETW.
- [436Star][8m] [PowerShell] nsacyber/event-forwarding-guidance Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
- [389Star][9m] [Py] williballenthin/python-evtx Pure Python parser for recent Windows Event Log files (.evtx)
- [295Star][11d] [C#] zodiacon/procmonx Extended Process Monitor-like tool based on Event Tracing for Windows
- [281Star][9m] [C#] nsacyber/windows-event-log-messages Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber
- [8495Star][1m] microsoft/wsl Issues found on WSL
- [2825Star][8m] [Shell] goreliu/wsl-terminal Terminal emulator for Windows Subsystem for Linux (WSL)
- [660Star][9d] [Shell] wslutilities/wslu A collection of utilities for Windows 10 Linux Subsystems
- [12453Star][7d] [C#] 0xd4d/dnspy .NET debugger and assembly editor
- [9141Star][8d] [C#] icsharpcode/ilspy .NET Decompiler
- [3645Star][26d] [C#] 0xd4d/de4dot .NET deobfuscator and unpacker.
- [3253Star][7m] [JS] sindresorhus/speed-test Test your internet connection speed and ping using speedtest.net from the CLI
- [1643Star][1m] [C#] jbevain/cecil Cecil is a library to inspect, modify and create .NET programs and libraries.
- [215Star][11m] [C#] rainwayapp/warden Warden.NET is an easy to use process management library for keeping track of processes on Windows.
- [1519Star][10m] [PowerShell] joefitzgerald/packer-windows Windows templates that can be used to create boxes for Vagrant using Packer
- [1341Star][10d] [Go] securitywithoutborders/hardentools Hardentools is a utility that disables a number of risky Windows features.
- [1145Star][1y] [HTML] nsacyber/windows-secure-host-baseline Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
- [1000Star][5m] adolfintel/windows10-privacy Windows 10 Privacy Guide
- [488Star][23d] [PowerShell] stefanscherer/packer-windows Windows Templates for Packer: Win10, Server 2016, 1709, 1803, 1809, 2019, 1903, Insider with Docker
- [699Star][4m] [C++] darthton/xenos Windows dll injector
- [533Star][4m] [C++] nytrorst/shellcodecompiler compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows (x86 and x64) and Linux (x86 and x64)
- Also In Section: Linux->Tools |
- [1311Star][18d] [C] intel/haxm cross-platform hardware-assisted virtualization engine (hypervisor), widely used as an accelerator for Android Emulator and QEMU
- [1003Star][1y] [C] ionescu007/simplevisor a simple, portable, Intel VT-x hypervisor with two specific goals: using the least amount of assembly code (10 lines), and having the smallest amount of VMX-related code to support dynamic hyperjacking and unhyperjacking (that is, virtualizing the host state from within the host). It works on Windows and UEFI.
- [708Star][3m] [C++] tandasat/hyperplatform Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.
- [561Star][11m] [C] asamy/ksm A fast, hackable and simple x64 VT-x hypervisor for Windows and Linux. Builtin userspace sandbox and introspection engine.
- Also In Section: Linux->Tools |
- [928Star][9m] [C] microsoft/windows-driver-frameworks a set of libraries that make it simple to write high-quality device drivers.
- [760Star][13d] axtmueller/windows-kernel-explorer A free but powerful Windows kernel research tool.
- [506Star][5m] [Py] rabbitstack/fibratus Tool for exploration and tracing of the Windows kernel
- [459Star][22d] [C] jkornev/hidden Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
- [278Star][7d] [PowerShell] microsoftdocs/windows-driver-docs The official Windows Driver Kit documentation sources
- [479Star][7d] [Batchfile] chef-koch/regtweaks Windows Registry Tweaks (Win 7 - Win 10)
- [288Star][7m] [Py] williballenthin/python-registry Read access to Windows Registry files.
- [712Star][2m] [HTML] j00ru/windows-syscalls Windows System Call Tables (NT/2000/XP/2003/Vista/2008/7/2012/8/10)
- [316Star][30d] [C] hfiref0x/syscalltables Windows NT x64 Syscall tables
- [1422Star][2m] [C] feralinteractive/gamemode Optimise Linux system performance on demand
- [1406Star][1m] [C++] google/nsjail A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)
- [884Star][8d] [C] buserror/simavr simavr is a lean, mean and hackable AVR simulator for linux & OSX
- [751Star][17d] [Py] korcankaraokcu/pince A reverse engineering tool that'll supply the place of Cheat Engine for linux
- [740Star][1m] [C] yrp604/rappel A linux-based assembly REPL for x86, amd64, armv7, and armv8
- [717Star][11d] [C] strace/strace strace is a diagnostic, debugging and instructional userspace utility for Linux
- [561Star][11m] [C] asamy/ksm A fast, hackable and simple x64 VT-x hypervisor for Windows and Linux. Builtin userspace sandbox and introspection engine.
- Also In Section: Windows->Tools->VT |
- [559Star][1m] [Py] autotest/autotest Fully automated tests on Linux
- [552Star][13d] [C++] intel/linux-sgx Intel SGX for Linux*
- [533Star][4m] [C++] nytrorst/shellcodecompiler compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows (x86 and x64) and Linux (x86 and x64)
- Also In Section: Windows->Tools->Shellcode |
- [502Star][7m] [C] iovisor/ply Dynamic Tracing in Linux
- [466Star][7d] [C] libreswan/libreswan an Internet Key Exchange (IKE) implementation for Linux.
- [437Star][7d] [C] facebook/openbmc OpenBMC is an open software framework to build a complete Linux image for a Board Management Controller (BMC).
- [385Star][9m] [Shell] microsoft/linux-vm-tools Hyper-V Linux Guest VM Enhancements
- [384Star][27d] [Shell] yadominjinta/atilo Linux installer for termux
- [346Star][1m] [C] seccomp/libseccomp an easy to use, platform independent, interface to the Linux Kernel's syscall filtering mechanism
- [328Star][4m] [Go] capsule8/capsule8 cloud-native behavioral security monitoring
- [280Star][24d] [Py] facebook/fbkutils A variety of utilities built and maintained by Facebook's Linux Kernel Team that we wish to share with the community.
- [227Star][7m] [C] wkz/ply Light-weight Dynamic Tracer for Linux
- [1228Star][1y] [Kotlin] gh0u1l5/wechatspellbook 使用Kotlin编写的开源微信插件框架,底层需要 Xposed 或 VirtualXposed 等Hooking框架的支持,而顶层可以轻松对接Java、Kotlin、Scala等JVM系语言。让程序员能够在几分钟内编写出简单的微信插件,随意揉捏微信的内部逻辑。
- [1114Star][1y] [Objective-C] yulingtianxia/fishchat Hook WeChat.app on non-jailbroken devices.
- [1004Star][5m] [C++] everdox/infinityhook Hook system calls, context switches, page faults and more.
- [757Star][20d] [Go] thoughtworks/talisman By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious - such as authorization tokens and private keys.
- [670Star][7m] [Java] pagalaxylab/yahfa Yet Another Hook Framework for ART
- [640Star][3m] [C++] stevemk14ebr/polyhook x86/x64 C++ Hooking Library
- [568Star][7m] [Objective-C] rpetrich/captainhook Common hooking/monkey patching headers for Objective-C on Mac OS X and iPhone OS. MIT licensed
- [530Star][1y] [Objective-C++] davidgoldman/inspectivec objc_msgSend hook for debugging/inspection purposes.
- [509Star][11d] [C] mohuihui/antispy AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With its assistance,you can easily spot and neutralize malwares hidden from normal detectors.
- [475Star][1y] [C++] tandasat/ddimon Monitoring and controlling kernel API calls with stealth hook using EPT
- [436Star][16d] [C++] stevemk14ebr/polyhook_2_0 C++17, x86/x64 Hooking Libary v2.0
- [401Star][8m] [C] darthton/hyperbone Minimalistic VT-x hypervisor with hooks
- [366Star][26d] [C++] 0x09al/rdpthief Extracting Clear Text Passwords from mstsc.exe using API Hooking.
- [361Star][1m] [C++] steven-michaud/hookcase Tool for reverse engineering macOS/OS X
- [339Star][5m] [C] zeex/subhook Simple hooking library for C/C++ (x86 only, 32/64-bit, no dependencies)
- [260Star][11m] [C] nbulischeck/tyton Kernel-Mode Rootkit Hunter
- [245Star][4m] [C] gbps/gbhv Simple x86-64 VT-x Hypervisor with EPT Hooking
- [238Star][5m] [C] outflanknl/dumpert LSASS memory dumper using direct system calls and API unhooking.
- [233Star][22d] [C] kubo/plthook Hook function calls by replacing PLT(Procedure Linkage Table) entries.
- [217Star][1y] [C#] easy66/monohooker hook C# method at runtime without modify dll file (such as UnityEditor.dll)
- [211Star][1y] [C] suvllian/process-inject 在Windows环境下的进程注入方法:远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入
- [1407Star][7d] [C] namhyung/uftrace Function (graph) tracer for user-space
- [1124Star][12d] [C++] crosire/reshade A generic post-processing injector for games and video software.
- [1122Star][3m] [Py] openai/neural-mmo Code for the paper "Neural MMO: A Massively Multiagent Game Environment for Training and Evaluating Intelligent Agents"
- [723Star][6m] [Assembly] cirosantilli/x86-assembly-cheat the bulk of the x86 instruction examples with assertions.
- [515Star][2m] [Kotlin] jire/charlatano Proves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems
- [353Star][18d] [C] liji32/sameboy Game Boy and Game Boy Color emulator written in C
- [351Star][11d] [C#] leaguesandbox/gameserver League Sandbox's Game Server
- [260Star][5m] [C++] niemand-sec/anticheat-testing-framework Framework for testing any Anti-Cheat
- [215Star][2m] [C] xyzz/gamecard-microsd microSD adapter for PlayStation Vita
- [204Star][4m] [C++] eternityx/deadcell-csgo Full source to the CS:GO cheat
- [1433Star][1y] [TypeScript] pedronauck/reworm
- [927Star][4m] [Py] airbnb/binaryalert Serverless, Real-time & Retroactive Malware Detection.
- [777Star][2m] [Py] gosecure/malboxes Builds malware analysis Windows VMs so that you don't have to.
- [679Star][17d] [Py] rurik/noriben Portable, Simple, Malware Analysis Sandbox
- [654Star][8m] [Shell] rfxn/linux-malware-detect Linux Malware Detection (LMD)
- [591Star][5m] fabrimagic72/malware-samples A collection of malware samples caught by several honeypots i manage
- [563Star][2m] [Py] certsocietegenerale/fame FAME Automates Malware Evaluation
- [534Star][2m] [Py] tencent/habomalhunter HaboMalHunter is a sub-project of Habo Malware Analysis System (
- [488Star][29d] [C] hasherezade/demos Demos of various injection techniques found in malware
- [392Star][1m] [YARA] guelfoweb/peframe PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
- [390Star][6m] [JS] capacitorset/box-js A tool for studying JavaScript malware.
- [386Star][7d] [C#] collinbarrett/filterlists independent, comprehensive directory of filter and host lists for advertisements, trackers, malware, and annoyances.
- [375Star][7m] [Py] secrary/ssma SSMA - Simple Static Malware Analyzer [This project is not maintained anymore]
- [366Star][2m] [AngelScript] inquest/malware-samples A collection of malware samples and relevant dissection information, most probably referenced from
- [363Star][3m] [Py] neo23x0/munin Online hash checker for Virustotal and other services
- [353Star][5m] [Py] hasherezade/malware_analysis Various snippets created during malware analysis
- [331Star][8m] [Py] rek7/fireelf Fileless Linux Malware Framework
- [325Star][7d] [Py] fireeye/stringsifter A machine learning tool that automatically ranks strings based on their relevance for malware analysis.
- [310Star][21d] [C#] malware-dev/mdk-se Malware's Development Kit for SE
- [307Star][1y] [C++] m0n0ph1/process-hollowing Great explanation of Process Hollowing (a Technique often used in Malware)
- [302Star][11m] [Assembly] guitmz/virii Collection of ancient computer virus source codes
- [302Star][4m] [JS] hynekpetrak/malware-jail Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js
- [283Star][7m] [Java] katjahahn/portex Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
- [281Star][8m] [Py] phage-nz/ph0neutria ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability.
- [277Star][7m] [C] rieck/malheur A Tool for Automatic Analysis of Malware Behavior
- [268Star][2m] [JS] hynekpetrak/javascript-malware-collection Collection of almost 40.000 javascript malware samples
- [252Star][10m] [C++] ramadhanamizudin/malware Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from:
- [240Star][1m] [Py] a3sal0n/falcongate A smart gateway to stop hackers and Malware attacks
- [237Star][8m] [C++] mstfknn/malware-sample-library Malware sample library.
- [230Star][2m] [C++] richkmeli/richkware Framework for building Windows malware, written in C++
- [212Star][2m] [Py] eset/malware-research Code written as part of our various malware investigations
- [202Star][12d] [Py] doomedraven/virustotalapi VirusTotal Full api
- [1191Star][9m] [C] f0rb1dd3n/reptile LKM Linux rootkit
- [722Star][8m] [C] mempodippy/vlany Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
- [509Star][5m] [C] nurupo/rootkit Linux rootkit for Ubuntu 16.04 and 10.04 (Linux Kernels 4.4.0 and 2.6.32), both i386 and amd64
- [426Star][1y] [C] novicelive/research-rootkit LibZeroEvil & the Research Rootkit project.
- [387Star][2m] milabs/awesome-linux-rootkits awesome-linux-rootkits
- [6170Star][6m] rmerl/asuswrt-merlin Enhanced version of Asus's router firmware (Asuswrt) (legacy code base)
- [3621Star][2m] [C] atmosphere-nx/atmosphere Atmosphère is a work-in-progress customized firmware for the Nintendo Switch.
- [3209Star][8d] [C] betaflight/betaflight Open Source Flight Controller Firmware
- [3108Star][4m] [C++] px4/firmware PX4 Autopilot Software
- [2810Star][28d] [C] tmk/tmk_keyboard Keyboard firmwares for Atmel AVR and Cortex-M
- [2267Star][1m] [C] aurorawright/luma3ds Noob-proof (N)3DS "Custom Firmware"
- [1441Star][19d] [C] tianocore/edk2 A modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications
- [784Star][8d] [C] fwupd/fwupd A simple daemon to allow session software to update firmware
- [633Star][6m] [C] travisgoodspeed/md380tools Python tools and patched firmware for the TYT-MD380
- [415Star][5m] preos-security/awesome-firmware-security Awesome Firmware Security & Other Helpful Documents
- [370Star][12d] [Py] fkie-cad/fact_core Firmware Analysis and Comparison Tool
- [284Star][5m] [C++] rampagex/firmware-mod-kit Automatically exported from code.google.com/p/firmware-mod-kit
- [279Star][1m] [Py] cwerling/psptool Display, extract, and manipulate PSP firmware inside UEFI images
- [237Star][11d] [Py] avatartwo/avatar2 Python core of avatar²
- [234Star][11m] [C] reisyukaku/reinand Minimalist 3DS custom firmware.
- [507Star][1m] [Py] platomav/meanalyzer Intel Engine Firmware Analysis Tool
- [465Star][1y] [Py] ptresearch/unme11 Intel ME 11.x Firmware Images Unpacker
- [2369Star][2m] [TeX] crypto101/book Crypto 101, the introductory book on cryptography.
- [1580Star][7d] [Go] bitnami-labs/sealed-secrets A Kubernetes controller and tool for one-way encrypted Secrets
- [1433Star][12d] [C++] microsoft/seal Microsoft SEAL is an easy-to-use and powerful homomorphic encryption library.
- [832Star][13d] [Haskell] galoisinc/cryptol The Language of Cryptography
- [758Star][1y] pfarb/awesome-crypto-papers A curated list of cryptography papers, articles, tutorials and howtos.
- [693Star][5m] [C++] stealth/opmsg opmsg message encryption
- [660Star][26d] [Java] google/conscrypt Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension.
- [482Star][3m] [C] microsoft/symcrypt Cryptographic library
- [466Star][3m] miscreant/meta 具备错误使用抗性的(Misuse-resistant )对称加密库,支持 AES-SIV (RFC5297) 和 CHAIN/STREAM
- [463Star][8d] [C] skeeto/enchive Encrypted personal archives
- [432Star][1m] [Go] gorilla/securecookie Package gorilla/securecookie encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
- [380Star][21d] [C++] msoos/cryptominisat An advanced SAT solver
- [349Star][7m] [Haskell] jpmorganchase/constellation Peer-to-peer encrypted message exchange
- [334Star][26d] [Shell] umputun/nginx-le Nginx with automatic let's encrypt (docker image)
- [328Star][10d] [Py] efforg/starttls-everywhere A system for ensuring & authenticating STARTTLS encryption between mail servers
- [323Star][5m] [JS] hr/crypter An innovative, convenient and secure cross-platform encryption app
- [305Star][18d] [C] jhuisi/charm A Framework for Rapidly Prototyping Cryptosystems
- [265Star][13d] [Py] nucypher/nucypher A decentralized network offering accessible, intuitive, and extensible cryptographic runtimes and interfaces for secrets management and dynamic access control.
- [253Star][13d] [C] icing/mod_md Let's Encrypt (ACME) support for Apache httpd
- [244Star][14d] [C++] evpo/encryptpad Minimalist secure text editor and binary encryptor that implements RFC 4880 Open PGP format: symmetrically encrypted, compressed and integrity protected. The editor can protect files with passwords, key files or both.
- [229Star][7m] [C] ctz/cifra A collection of cryptographic primitives targeted at embedded use.
- [223Star][1m] [C] libyal/libfvde Library and tools to access FileVault Drive Encryption (FVDE) encrypted volumes
- [222Star][2m] vixentael/my-talks List of my talks and workshops: security engineering, applied cryptography, secure software development
- [221Star][12m] [C] gkdr/lurch XEP-0384: OMEMO Encryption for libpurple.
- [220Star][2m] [Go] cloudflare/tls-tris crypto/tls, now with 100% more 1.3. THE API IS NOT STABLE AND DOCUMENTATION IS NOT GUARANTEED.
- [203Star][5m] [Py] nucypher/nufhe NuCypher fully homomorphic encryption (NuFHE) library implemented in Python
- [202Star][5m] [TeX] decrypto-org/rupture A framework for BREACH and other compression-based crypto attacks
- [200Star][7m] [C] doublelabyrinth/how-does-navicat-encrypt-password This repository tells you how Navicat encrypts database password.
Contents auto exported by Our System, please raise Issue if you have any question.