FireEye

Repositories

• capa-rules

  Standard collection of rules for capa: the tool for enumerating the capabilities of programs

  hacktoberfest
  Python Apache-2.0 56 214 63 (1 issue needs help) 3 Updated Jun 2, 2021

• capa

  The FLARE team's open-source tool to identify capabilities in executable files.

  reverse-engineering malware-analysis
  Python Apache-2.0 200 1,600 67 (1 issue needs help) 3 Updated Jun 2, 2021

• fireeye-python
  Python 15 31 0 1 Updated Jun 2, 2021

• PwnAuth
  Python Apache-2.0 65 286 1 6 Updated Jun 1, 2021

• HXTool

  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physical workstation. HXTool provides additional features and capabilities over the standard FireEye HX web user interface. HXTool uses the fully documented REST API that comes with the FireEye HX for communication w…
  JavaScript 30 34 6 1 Updated Jun 1, 2021

• pulsesecure_exploitation_countermeasures
  YARA 5 17 0 0 Updated May 27, 2021

• gocrack-ui

  The User Interface for GoCrack

  fireeye-flare
  Vue MIT 41 70 0 17 Updated May 27, 2021

• flare-floss

  FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  strings malware deobfuscation fireeye-flare
  Python Apache-2.0 302 1,857 54 2 Updated May 27, 2021

• capa-testfiles
  Python 17 18 0 1 Updated May 27, 2021

• flare-qdb

  Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.

  fireeye-flare
  Python Apache-2.0 41 144 7 0 Updated May 24, 2021

• speakeasy

  Windows kernel and user mode emulation.

  emulation malware-analysis
  Python MIT 94 677 28 1 Updated May 24, 2021

• Vulnerability-Disclosures
  C++ 12 38 0 0 Updated May 14, 2021

• jest-environment-serverless

  Testing your Serverless projects with Jest the easy way!
  JavaScript MIT 6 21 7 10 Updated May 10, 2021

• flare-vm

  reverse-engineering malware-analysis fireeye-flare
  PowerShell Apache-2.0 476 2,825 91 0 Updated May 3, 2021

• flare-emu

  emulation malware-analysis fireeye-flare
  Python Apache-2.0 69 501 2 0 Updated Apr 19, 2021

• flare-ida

  IDA Pro utilities from FLARE team

  reverse-engineering ida ida-pro ida-plugin idapython fireeye-flare
  Python Apache-2.0 385 1,428 18 3 Updated Apr 14, 2021

• BitsParser
  Python Apache-2.0 16 94 1 1 Updated Apr 12, 2021

• mandiant_managed_hunting

  Azure Deployment Templates for Mandiant Managed Huning
  0 1 0 0 Updated Apr 9, 2021

• goauditparser
  Go Apache-2.0 2 21 0 0 Updated Apr 5, 2021

• SilkETW
  C# 82 399 7 1 Updated Mar 28, 2021

• commando-vm

  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com

  windows penetration-testing red-teaming fireeye-flare
  PowerShell Apache-2.0 991 4,653 42 7 Updated Mar 26, 2021

• rvmi-rekall

  Rekall Forensics and Incident Response Framework with rVMI extensions
  Python GPL-2.0 16 25 0 4 Updated Mar 25, 2021

• Mandiant-Azure-AD-Investigator
  PowerShell Apache-2.0 49 354 2 0 Updated Mar 18, 2021

• red_team_tool_countermeasures
  YARA 829 2,401 2 2 Updated Mar 3, 2021

• gocat

  Provides access to libhashcat

  fireeye-flare
  Go MIT 10 18 0 0 Updated Feb 17, 2021

• sunburst_countermeasures
  YARA 189 528 6 3 Updated Feb 11, 2021

• FIDL

  A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

  api research decompiler malware ida vulnerability reversing
  Python MIT 56 334 1 0 Updated Jan 27, 2021

• ThreatPursuit-VM

  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

  data-science intelligence analytics virtual-machine malware threat cyber
  PowerShell 153 848 7 0 Updated Jan 20, 2021

• OfficePurge
  C# Apache-2.0 33 187 1 1 Updated Jan 11, 2021

• jitm

  JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.

  hooks dotnet jit malware-analysis jit-compiler fireeye-flare
  C++ Apache-2.0 10 21 0 1 Updated Dec 11, 2020