FireEye

Repositories

• speakeasy

  Windows kernel and user mode emulation.

  emulation malware-analysis
  Python MIT 62 477 19 0 Updated Dec 4, 2020

• FIDL

  A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

  api research decompiler malware ida vulnerability reversing
  Python MIT 44 291 1 0 Updated Dec 4, 2020

• capa

  The FLARE team's open-source tool to identify capabilities in executable files.

  reverse-engineering malware-analysis
  Python Apache-2.0 137 1,212 38 4 Updated Dec 4, 2020

• capa-rules

  Standard collection of rules for capa: the tool for enumerating the capabilities of programs

  hacktoberfest
  Apache-2.0 25 124 41 (2 issues need help) 1 Updated Dec 4, 2020

• HXTool

  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physical workstation. HXTool provides additional features and capabilities over the standard FireEye HX web user interface. HXTool uses the fully documented REST API that comes with the FireEye HX for communication w…
  JavaScript 15 16 4 0 Updated Dec 4, 2020

• capa-testfiles
  8 7 0 1 Updated Dec 3, 2020

• ThreatPursuit-VM

  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

  data-science intelligence analytics virtual-machine malware threat cyber
  PowerShell 97 672 4 1 Updated Dec 3, 2020

• stringsifter

  A machine learning tool that ranks strings based on their relevance for malware analysis.

  machine-learning strings reverse-engineering learning-to-rank malware-analysis fireeye-flare fireeye-data-science
  Python Apache-2.0 72 432 4 0 Updated Dec 2, 2020

• Vulnerability-Disclosures
  C++ 3 18 0 0 Updated Dec 1, 2020

• flare-vm

  reverse-engineering malware-analysis fireeye-flare
  PowerShell Apache-2.0 423 2,477 71 1 Updated Nov 29, 2020

• gocrack-ui

  The User Interface for GoCrack

  fireeye-flare
  Vue MIT 34 59 0 9 Updated Nov 25, 2020

• OfficePurge
  C# Apache-2.0 17 123 0 0 Updated Nov 19, 2020

• flare-fakenet-ng

  [Suspended] FakeNet-NG - Next Generation Dynamic Network Analysis Tool

  malware-analysis traffic-redirection fireeye-flare fakenet-ng
  Python Apache-2.0 261 1,170 42 15 Updated Nov 11, 2020

• gocrack

  GoCrack is a management frontend for password cracking tools written in Go

  fireeye-flare
  Go MIT 203 958 15 (2 issues need help) 0 Updated Nov 9, 2020

• gocat

  Provides access to libhashcat

  fireeye-flare
  Go MIT 5 12 0 0 Updated Nov 9, 2020

• flare-floss

  FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  strings malware deobfuscation fireeye-flare
  Python Apache-2.0 283 1,678 48 3 Updated Nov 7, 2020

• flare-floss-testfiles

  Resources for testing FLOSS by the FLARE team.
  C 1 1 0 0 Updated Nov 4, 2020

• flare-emu

  emulation malware-analysis fireeye-flare
  Python Apache-2.0 59 433 2 0 Updated Nov 2, 2020

• PwnAuth
  Python Apache-2.0 57 250 1 3 Updated Oct 28, 2020

• flare-ida

  IDA Pro utilities from FLARE team

  reverse-engineering ida ida-pro ida-plugin idapython fireeye-flare
  Python Apache-2.0 361 1,296 15 3 Updated Oct 28, 2020

• muse-technical-challenge

  Muse Technical Challenge Stencil Component Starter
  TypeScript 2 1 0 1 Updated Oct 25, 2020

• commando-vm

  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com

  windows penetration-testing red-teaming fireeye-flare
  PowerShell Apache-2.0 850 3,940 28 5 Updated Oct 20, 2020

• jitm

  JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.

  hooks dotnet jit malware-analysis jit-compiler fireeye-flare
  C++ Apache-2.0 4 13 0 1 Updated Sep 23, 2020

• DFUR-Splunk-App

  The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.

  log-analysis incident-response splunk-application
  MIT 2 5 0 0 Updated Sep 9, 2020

• jest-environment-serverless

  Testing your Serverless projects with Jest the easy way!
  JavaScript MIT 3 15 6 7 Updated Sep 4, 2020

• dod-example-apps

  Example applications for FireEye's Detection on Demand service
  Python Apache-2.0 1 4 0 0 Updated Aug 25, 2020

• fireeye-python
  Python 5 22 0 0 Updated Aug 13, 2020

• mimosa-rpm-package
  JavaScript 3 3 0 1 Updated Jul 15, 2020

• flare-qdb

  Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.

  fireeye-flare
  Python Apache-2.0 34 141 7 0 Updated Jun 24, 2020

• rvmi-rekall

  Rekall Forensics and Incident Response Framework with rVMI extensions
  Python GPL-2.0 12 23 0 4 Updated May 20, 2020