A Delphi symbol name recovery tool for reverse engineers.

The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash algorithm in the context of code similarity.

Rule Engine for Dynamic Malware Analysis and Research

A small and quick version of Yara-X for Android

suricata-check is a command line utility to provide feedback on Suricata rules. The tool can detect various issues including those covering syntax validity, interpretability, rule specificity, rule…

Toolbox of useful automated scripts for virtualization related stuff.

VASCO is a concolic path exploration tool implemented as plugin for IDA PRO and Hex-Rays

A yara based MCP Server

BinaryNinja plugin to enhance ARM64EC support

Tools for analyzing UEFI firmware and checking UEFI modules with FwHunt rules

A cross platform forensic parser written in Rust!

FeatureProof is a common sense IDAPython middleware library to ease and future-proof the development of maintainable IDA Pro scripts and plugins

SANS #CTI Summit 2025

AI-powered tool designed to help producing Threat Intelligence Mindmap.

Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator

Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs

Kyanos is a networking analysis tool using eBPF. It can visualize the time packets spend in the kernel, capture requests/responses, makes troubleshooting more efficient.

FileTrove indexes files and creates metadata from them.

FLARE Team's Binary Navigator

Public API, examples, documentation and issues for Binary Ninja

CAPEv2 (capemon) hook skeleton generator (hookdefs) for your malware analysis needs.

RevEng.AI Toolkit and Python API

Diaphora Machine Learning tools and datasets

Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules