Daniel Plohmann

Expert
@danielplohmann

Malware Researcher. Working for Fraunhofer @FKIE.

apiscout. This project aims at simplifying Windows API import recovery on arbitrary memory dumps

267

smda. SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.

259

idascope. An IDA Pro extension for easier (malware) reverse engineering

115

mcrit. The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash algorithm in the context of code similarity.

101

empty_msvc. A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.

33

docker-mcrit. Dockerized Setup for the MinHash-based Code Recognition & Investigation Toolkit (MCRIT)

16

mcrit-data. A collection of ready-to-use library code and symbols for the MinHash-based Code Relationship & Investigation Toolkit (MCRIT)

14

tars. The Threat Actor Rosetta Stone (TARS) is a public listing to keep track of who keeps calling which actor groups by which names.

11

gui-plugin-template. A template for cross-compatible GUI plugins (IDA, Ghidra, Binary Ninja, Cutter)

7

picblocks. JavaScript

4

mcrit-plugin. A plugin to use MCRIT from IDA Pro

4

malware_name_mapping. A mapping of used malware names to commonly known family names

3

lib2smda. Helper tool to use IDA Pro to convert lib files into SMDA format

1

yarachecker. A helper utility for processing YARA results, as used by IDAscope.

1

capa. The FLARE team's open-source tool to identify capabilities in executable files.

1

bda. Programmer De-anonymization from Binary Executables

1

danielplohmann.github.io. Next iteration of a personal blog.

1
17
Apply