Welcome to FLARE-VM - a collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a virtual machine (VM). FLARE-VM was designed to solve the problem of reverse engineering tool curation and relies on two main technologies: Chocolatey and Boxstarter. Chocolatey is a Windows-based Nuget package management system, where a 'package' is essentially a ZIP file containing PowerShell installation scripts that download and configure a specific tool. Boxstarter leverages Chocolatey packages to automate the installation of software and create repeatable, scripted Windows environments. Requirements: - FLARE-VM should ONLY be installed on a virtual machine. - The VM should satisfy the following requirements: Windows >= 10, PowerShell >= 5, Disk capacity of at least 60 GB and memory of at least 2GB, Usernames without spaces or other special characters, Internet connection, Tamper Protection and any Anti-Malware solution (e.g., Windows Defender), Windows Defender disabled, preferably via Group Policy, Windows Updates Disabled. Installation instruction: This section documents the steps to install FLARE-VM.
FEATURES
ALTERNATIVES
VolatilityBot automates binary extraction and memory analysis, including detecting code injections and strings.
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
A collection of Yara signatures for identifying malware and other threats
Assembler/disassembler for the dex format used by Dalvik, Android's Java VM implementation.
YaraHunter scans container images, running Docker containers, and filesystems to find indicators of malware.
A PowerShell obfuscation detection framework designed to highlight the limitations of signature-based detection and provide a scalable means of detecting known and unknown obfuscation techniques.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.