Malware Researcher. Working for Fraunhofer @FKIE.
apiscout. This project aims at simplifying Windows API import recovery on arbitrary memory dumps
267smda. SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.
259idascope. An IDA Pro extension for easier (malware) reverse engineering
115mcrit. The MinHash-based Code Relationship & Investigation Toolkit (MCRIT) is a framework created to simplify the application of the MinHash algorithm in the context of code similarity.
101empty_msvc. A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.
33docker-mcrit. Dockerized Setup for the MinHash-based Code Recognition & Investigation Toolkit (MCRIT)
16mcrit-data. A collection of ready-to-use library code and symbols for the MinHash-based Code Relationship & Investigation Toolkit (MCRIT)
14tars. The Threat Actor Rosetta Stone (TARS) is a public listing to keep track of who keeps calling which actor groups by which names.
11gui-plugin-template. A template for cross-compatible GUI plugins (IDA, Ghidra, Binary Ninja, Cutter)
7picblocks. JavaScript
4mcrit-plugin. A plugin to use MCRIT from IDA Pro
4malware_name_mapping. A mapping of used malware names to commonly known family names
3lib2smda. Helper tool to use IDA Pro to convert lib files into SMDA format
1yarachecker. A helper utility for processing YARA results, as used by IDAscope.
1capa. The FLARE team's open-source tool to identify capabilities in executable files.
1bda. Programmer De-anonymization from Binary Executables
1danielplohmann.github.io. Next iteration of a personal blog.
1