MANDIANT

capa Public
The FLARE team's open-source tool to identify capabilities in executable files.

Python 2,126 Apache-2.0 303 78 (1 issue needs help) 3 Updated Mar 29, 2022
flare-floss Public
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Python 2,107 Apache-2.0 367 38 1 Updated Mar 28, 2022
heyserial Public
Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types

YARA 83 13 0 0 Updated Mar 26, 2022
speakeasy Public
Windows kernel and user mode emulation.

Python 918 MIT 151 28 0 Updated Mar 25, 2022
flare-floss-testfiles Public
Resources for testing FLOSS by the FLARE team.

C 3 11 0 0 Updated Mar 24, 2022
capa-rules Public
Standard collection of rules for capa: the tool for enumerating the capabilities of programs

Python 301 Apache-2.0 102 87 (1 issue needs help) 2 Updated Mar 24, 2022
capa-testfiles Public
Data to test capa's code and rules.

Python 28 39 0 0 Updated Mar 24, 2022
VM-Packages Public

PowerShell 7 Apache-2.0 8 13 1 Updated Mar 16, 2022
Vulnerability-Disclosures Public

C++ 101 40 0 0 Updated Mar 12, 2022
GoReSym Public
Go symbol recovery tool

Go 71 MIT 6 0 0 Updated Mar 1, 2022

Pinned