DEPRECATED - USE v3 (bearded-avenger)
created at Jan. 6, 2014, 1:02 p.m.
Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
created at Nov. 27, 2013, 2:32 a.m.
Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.
created at Oct. 10, 2013, 1:42 p.m.
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
created at Oct. 5, 2013, 8:59 p.m.
Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.
created at Sept. 21, 2013, 12:14 p.m.
Reverse engineering tool for virtualization wrappers
created at June 28, 2013, 6:55 p.m.
Cross-language temporary (disposable/throwaway) email detection library. Covers 55 734+ fake email providers.
created at March 4, 2013, 3 p.m.
Checks with NSRL RDS servers looking for for hash matches
created at March 2, 2013, 4:35 p.m.
Tool to help guess a files 256 byte XOR key by using frequency analysis
created at Jan. 22, 2013, 9:09 p.m.