Enumerate and disable common sources of telemetry used by AV/EDR.

bypass-url-parser

A fast, simple, recursive content discovery tool written in Rust.

The Havoc Framework

This map lists the essential techniques to bypass anti-virus and EDR

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Deobfuscation via optimization with usage of LLVM IR and parsing assembly.

Tracking interesting Linux (and UNIX) malware. Send PRs

MBC content in markdown

Reverse Engineer's Toolkit

High Octane Triage Analysis

Kernel Driver Utility

x64 binary obfuscator

Curated list of awesome tools, demos, docs for ChatGPT and GPT-3

This repo includes ChatGPT prompt curation to use ChatGPT and other LLM tools better.

IDA plugin which queries language models to speed up reverse-engineering

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.

An advanced tool for working with access tokens and Windows security policy.

Windows x64 handcrafted token stealing kernel-mode shellcode

FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints.

PDBRipper is a utility for extract an information from PDB-files.

Time Travel Debugging IDA plugin

Tools and PoCs for Windows syscall investigation.

IDA Pro plugin for query based searching within the binary useful mainly for vulnerability research.

Open-source symbolic execution framework: https://maat.re

An integration for IDA and VS Code which connects both to easily execute and debug IDAPython scripts.

An Interactive Binary Patching Plugin for IDA Pro

abyss - augmentation of Hexrays decompiler output

An step by step fuzzing tutorial. A GitHub Security Lab initiative