hitb2021ams_deobfuscation
Deobfuscation tool
Automated deobfuscation of malware code using symbolic execution and simplification techniques
72 stars
8 watching
15 forks
Language: Python
last commit: over 3 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
| mrphrazer/r2con2020_deobfuscation | Automated deobfuscation tool using symbolic execution and SMT solving to remove obfuscated code from malware | 76 |
 dissectmalware/batch_deobfuscator | Deobfuscates batch scripts by substituting encoded strings and escaping characters. | 150 |
 jnraber/virtualdeobfuscator | Analyzes malware runtraces to remove virtual machine-based protections and extract the original binary's bytecode instructions | 133 |
 alxs009/panda-deobfuscator | A tool for analyzing and deobfuscating binary executables by manipulating their code and data structures | 5 |
 holly-hacker/eazfixer | A tool for deobfuscating Eazfuscator-obfuscated .NET assemblies | 377 |
| mrphrazer/obfuscation_detection | Automatically detects obfuscated code and other complex code constructs in binaries to aid reverse engineering. | 580 |
 gdbinit/evilquest_deobfuscator | A tool for decrypting and deobfuscating strings from the EvilQuest/ThiefQuest malware | 6 |
| dissectmalware/xlmmacrodeobfuscator | Decodes and deobfuscates obfuscated Excel macros from various file formats. | 575 |
 eset/stadeo | An analysis toolset designed to understand and reverse-engineer malicious software using control-flow-flattening and string deobfuscation techniques. | 148 |
 malwaremusings/unpacker | Automated malware analysis tool | 118 |
 bonnetn/vba-obfuscator | A tool that obfuscates Visual Basic code to evade signature scans from Antivirus software | 150 |
 dynetics/malfunction | Tools for analyzing and comparing malware at a function level using fuzzy hashing algorithms | 192 |
 rub-syssec/syntia | Deobfuscation framework using program synthesis to learn the semantics of obfuscated code | 302 |
 detuxsandbox/detux | Analyzes and captures malware traffic on Linux sandboxed environments using QEMU hypervisor and various CPU architectures. | 261 |
 1an0rmus/tekdefense-automater | Automates OSINT analysis of IP addresses and hashes by querying multiple data sources | 535 |