Welcome to FLARE-VM - a collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a virtual machine (VM). FLARE-VM was designed to solve the problem of reverse engineering tool curation and relies on two main technologies: Chocolatey and Boxstarter. Chocolatey is a Windows-based Nuget package management system, where a 'package' is essentially a ZIP file containing PowerShell installation scripts that download and configure a specific tool. Boxstarter leverages Chocolatey packages to automate the installation of software and create repeatable, scripted Windows environments. Requirements: - FLARE-VM should ONLY be installed on a virtual machine. - The VM should satisfy the following requirements: Windows >= 10, PowerShell >= 5, Disk capacity of at least 60 GB and memory of at least 2GB, Usernames without spaces or other special characters, Internet connection, Tamper Protection and any Anti-Malware solution (e.g., Windows Defender), Windows Defender disabled, preferably via Group Policy, Windows Updates Disabled. Installation instruction: This section documents the steps to install FLARE-VM.
FEATURES
ALTERNATIVES
Kaitai Struct is a declarative language for describing binary data structures.
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32
RetDec is a versatile machine-code decompiler with support for various file formats and architectures.
Collects Yara rules from over 150 free resources, a free alternative to Valhalla.
A cutting-edge AI-based IT security platform that identifies malware and cyber-attacks within seconds
angr is a Python 3 library for binary analysis with various capabilities like symbolic execution and decompilation.
Checksec is a bash script to check the properties of executables like PIE, RELRO, Canaries, ASLR, Fortify Source.
A library for running basic functions from stripped binaries cross platform.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.