A Intel hypervisor for reverse engineering and system study - Abandoned

A PlayStation 4 Kernel Debugger [WIP]

This IDA plugin extends the functionality of the assembly and hex view. With this plugin, you can conveniently decode/decrypt/alter data directly from the IDA Pro interface.

Public API, examples, documentation and issues for Binary Ninja

IFL - Interactive Functions List (plugin for IDA Pro)

Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com

A rewrite of YARA in Rust.

PPPwn - PlayStation 4 PPPoE RCE

Useful scripts for WinDbg using the debugger data model

A collection of malware families and malware samples which use the Rust programming language.

Finding Truth in the Shadows

Hardcore Debugging

RISC-V Virtual Machine

A Pin Tool for tracing API calls etc

CI/CD Security Analyzer

The AI VPN provides an security assessment of VPN clients' network traffic to identify cyber security threats.

A library for creating, reading and editing PE files and .NET modules.

Dynamic unpacker based on PE-sieve

Hiew External Module (HEM) to calculate CRC-32, MD5, SHA-1, and SHA-256 hashes of a given file/block

An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).

A dynamic unpacking tool

High Octane Triage Analysis

Portable Executable reversing tool with a friendly GUI

IDA Pro plugin to make bitfield accesses easier to grep

MalUnpack companion driver

Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.

HashDB API hash lookup plugin for IDA Pro

Opcode calculator / ASM calculator

Hook system calls on Windows by using Kaspersky's hypervisor