30 tools and resources
HxD is a freeware hex editor and disk editor with advanced features for editing files, memory, and disks.
A tool that scans a corpus of malware and builds a YARA rule to detect similar code sections.
Online platform for image steganography analysis
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
YARA mode for GNU Emacs to edit YARA-related files
PLASMA is an interactive disassembler with support for various architectures and formats, offering a Python API for scripting.
Visually inspect regex matches in binary data/text with YARA and regular expressions, displaying matched bytes and surrounding context.
SWFTools is a collection of utilities for working with Adobe Flash files, including tools for converting PDFs, images, audio, and video files to SWF format.
Exiv2 is a C++ library and command-line utility for image metadata manipulation.
A high-performance digital forensics exploitation tool for extracting structured information from various inputs without parsing file system structures.
A collection of binary tools for various purposes including linking, assembling, profiling, and more.
Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.
Python forensic tool for extracting and analyzing information from Firefox, Iceweasel, and Seamonkey browsers.
PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.
Collection of Windows one-liners for executing arbitrary code and downloading remote payloads.
A library to access and parse the Microsoft Internet Explorer Cache File format.
iOS Mobile Backup Xtractor tool for extracting iOS backups.
A tool for creating compact Linux memory dumps compatible with popular debugging tools.
Bmaptool is a project no longer maintained by Intel; users are advised to create their own fork for ongoing use.
A PE/COFF file viewer that displays header, section, directory, import table, export table, and resource information within various file types.
Krakatau provides an assembler and disassembler for Java bytecode, supporting conversion, creation, examination, comparison, and decompilation of Java binaries.
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
A Python script for scanning data within an IDB using YARA
A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.
A command-line utility for extracting human-readable text from binary files.
A tool for malware analysts to search through base64-encoded samples and generate YARA rules.
Kaitai Struct is a declarative language for describing binary data structures.
FLARE Obfuscated String Solver (FLOSS) automatically extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
wxHexEditor is a free hex editor / disk editor with various data manipulation operations and visualization functionalities.
Universal hexadecimal editor for computer forensics, data recovery, and IT security.