
flare-emu

  •    Python

flare-emu marries a supported binary analysis framework, such as IDA Pro or Radare2, with Unicorn’s emulation framework to provide the user with an easy-to-use and flexible interface for scripting emulation tasks. It is designed to handle all the housekeeping of setting up a flexible and robust emulator for its supported architectures so that you can focus on solving your code analysis problems. Currently, flare-emu supports the x86, x86_64, ARM, and ARM64 architectures. It provides five different interfaces to serve your emulation needs, along with a slew of related helper and utility functions.

stringsifter - A machine learning tool that ranks strings based on their relevance for malware analysis

  •    Python

StringSifter is a machine learning tool that automatically ranks strings based on their relevance for malware analysis. The pip install command installs two runnable scripts, flarestrings and rank_strings, into your Python environment. When developing from source, use pipenv run flarestrings and pipenv run rank_strings.

flashmingo - Automatic analysis of SWF files based on some heuristics. Extensible via plugins.

  •    Python

NOTE: The following instructions are for Python 3. If you need to install FLASHMINGO on Python 2.7, you can check out release 1.0 under the releases tab. The installation steps are essentially the same.

gocat - Provides access to libhashcat

  •    Go

gocat is a cgo library for interacting with libhashcat. gocat enables you to create purpose-built password cracking tools that leverage the capabilities of hashcat.




vocab_scraper - Vocabulary Scraper script used in FLARE's analysis of Russian-language Carbanak source code

  •    Python

Vocabulary Scraper is meant to aid analysis of foreign-language codebases. It reads source files (*.{c,h,cpp,hpp,txt}) and writes a prioritized vocabulary list in UTF-8. It was written and used by FLARE to analyze the Carbanak source code, and accordingly, the default setting is to read files in code page 1251 (Cyrillic). The default input encoding is cp1251 and the default output encoding is utf-8. Any character encoding name recognized by the Python standard libraries should work.





