flare-fakenet-ng
flare-ida
| | flare-fakenet-ng | flare-ida |
|---|---|---|
| Mentions | 2 | 2 |
| Stars | 1,700 | 2,104 |
| Growth | 1.8% | 0.4% |
| Activity | 4.1 | 3.2 |
| Last commit | 8 days ago | 2 months ago |
| Language | Python | Python |
| License | Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
flare-fakenet-ng
- Ask HN: What is your home networking setup?
  * INetSim [1]
  Reverse engineering and malware analysis skills will transfer to this task directly.
  [0]: https://github.com/mandiant/flare-fakenet-ng
- DYNAMIC MALWARE ANALYSIS WITH INTERNET
  Hi, what you are looking for is Fakenet or the newer, separate version fakenet-ng https://github.com/fireeye/flare-fakenet-ng
flare-ida
- N00bs Night Malware RE Workshop with @c3rb3ru5d3d53c (OALABS)
  * Python3 Environment Basics For IDA Pro (Windows) https://www.patreon.com/posts/python3-basics-58467121
  * Hexcopy (save a click) https://github.com/OALabs/hexcopy-ida
  * HashDB https://github.com/OALabs/hashdb-ida
  * Flare-IDA https://github.com/mandiant/flare-ida
  * Capa https://github.com/mandiant/capa
  * Capa Rules https://github.com/mandiant/capa-rules
  * BinDiff https://www.youtube.com/watch?v=BLBjcZe-C3I
- Problems generating and applying FLIRT signatures in IDA for UE4 project
  Now it's time to generate pattern files with the idb2pat.py script on the FLARE GitHub. This one works up to and including version 7.3 and doesn't work on 7.4+ because of changes in the API calls of IDA. I updated it for IDA 7.5 (just renamed a bunch of API calls to different names according to this article by Hex-Rays for porting scripts to newer versions of IDA), but I run into the same problems on 7.2 with the original script.
What are some alternatives?
flare-vm - A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
ret-sync - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
theZoo - A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
tenet - A Trace Explorer for Reverse Engineers
refinery - High Octane Triage Analysis
ghidra_scripts - Port of devttyS0's IDA plugins to the Ghidra plugin framework, new plugins as well.
flare-floss - FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
lumen - A private Lumina server for IDA Pro
Mobile-Security-Framework-MobSF - Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
obfDetect - IDA plugin to pinpoint obfuscated code