FireEye

Repositories

• ADFSDump
  C# Apache-2.0 40 140 0 1 Updated Jul 27, 2021

• capa

  The FLARE team's open-source tool to identify capabilities in executable files.

  reverse-engineering malware-analysis
  Python Apache-2.0 236 1,728 71 (2 issues need help) 1 Updated Jul 27, 2021

• capa-rules

  Standard collection of rules for capa: the tool for enumerating the capabilities of programs

  hacktoberfest
  Python Apache-2.0 85 229 69 (1 issue needs help) 4 Updated Jul 26, 2021

• commando-vm

  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com

  windows penetration-testing red-teaming fireeye-flare
  PowerShell Apache-2.0 1,033 4,757 21 8 Updated Jul 24, 2021

• flare-floss

  FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  strings malware deobfuscation fireeye-flare
  Python Apache-2.0 333 1,896 63 1 Updated Jul 23, 2021

• flare-ida

  IDA Pro utilities from FLARE team

  reverse-engineering ida ida-pro ida-plugin idapython fireeye-flare
  Python Apache-2.0 409 1,461 18 4 Updated Jul 23, 2021

• speakeasy

  Windows kernel and user mode emulation.

  emulation malware-analysis
  Python MIT 116 719 31 7 Updated Jul 21, 2021

• capa-testfiles

  Data to test capa's code and rules.
  Python 33 22 0 1 Updated Jul 21, 2021

• Vulnerability-Disclosures
  C++ 22 44 0 0 Updated Jul 2, 2021

• siglib
  Python Apache-2.0 1 2 0 0 Updated Jun 29, 2021

• PwnAuth
  Python Apache-2.0 76 298 1 6 Updated Jun 10, 2021

• HXTool

  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physical workstation. HXTool provides additional features and capabilities over the standard FireEye HX web user interface. HXTool uses the fully documented REST API that comes with the FireEye HX for communication w…
  JavaScript 43 41 9 1 Updated Jun 8, 2021

• gocrack-ui

  The User Interface for GoCrack

  fireeye-flare
  Vue MIT 49 75 0 18 Updated Jun 5, 2021

• fireeye-python
  Python 31 37 0 1 Updated Jun 2, 2021

• pulsesecure_exploitation_countermeasures
  YARA 13 20 0 0 Updated May 27, 2021

• flare-qdb

  Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.

  fireeye-flare
  Python Apache-2.0 53 148 7 0 Updated May 24, 2021

• jest-environment-serverless

  Testing your Serverless projects with Jest the easy way!
  JavaScript MIT 11 21 7 10 Updated May 10, 2021

• flare-vm

  reverse-engineering malware-analysis fireeye-flare
  PowerShell Apache-2.0 531 2,936 95 0 Updated May 3, 2021

• flare-emu

  emulation malware-analysis fireeye-flare
  Python Apache-2.0 86 515 2 0 Updated Apr 19, 2021

• BitsParser
  Python Apache-2.0 26 97 1 1 Updated Apr 12, 2021

• mandiant_managed_hunting

  Azure Deployment Templates for Mandiant Managed Huning
  10 2 0 0 Updated Apr 9, 2021

• goauditparser
  Go Apache-2.0 11 23 0 0 Updated Apr 5, 2021

• SilkETW
  C# 93 422 7 1 Updated Mar 28, 2021

• rvmi-rekall

  Rekall Forensics and Incident Response Framework with rVMI extensions
  Python GPL-2.0 26 29 0 4 Updated Mar 25, 2021

• Mandiant-Azure-AD-Investigator
  PowerShell Apache-2.0 61 363 2 0 Updated Mar 18, 2021

• red_team_tool_countermeasures
  YARA 845 2,427 2 2 Updated Mar 3, 2021

• gocat

  Provides access to libhashcat

  fireeye-flare
  Go MIT 18 21 1 0 Updated Feb 17, 2021

• sunburst_countermeasures
  YARA 197 536 6 3 Updated Feb 11, 2021

• FIDL

  A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

  api research decompiler malware ida vulnerability reversing
  Python MIT 64 352 2 0 Updated Jan 27, 2021

• ThreatPursuit-VM

  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

  data-science intelligence analytics virtual-machine malware threat cyber
  PowerShell 173 908 7 0 Updated Jan 20, 2021