Code to prevent a managed .NET debugger/profiler from working.
Mquery is an analyst-friendly web GUI that allows malware analysts to search through terabytes of malware using blazingly fast Yara queries. It leverages UrsaDB to accelerate queries with ngrams, providing a quick and efficient way to look through your digital warehouse. To get started, install and start using docker-compose, add files to the SAMPLES_DIR, and index your collection with ursacli in docker.
Code to prevent a managed .NET debugger/profiler from working.
A tool to dump ODIN3 messages into files for reverse-engineering
A native Python cross-version decompiler and fragment decompiler.
Automate the exploitation of XXE vulnerabilities
Assembler/disassembler for the dex format used by Dalvik, Android's Java VM implementation.
Repository of scripts, signatures, and IOCs related to various malware analysis topics.