Repositories list

• malware-research

  Public
  Code written as part of our various malware investigations

  pythonmalware-analysismalware-research

  Python

  •

  BSD 2-Clause "Simplified" License

  •85•391•0•0•Updated Jan 8, 2025Jan 8, 2025

• DelphiHelper

  Public
  DelphiHelper is a python IDA Pro plugin aiming to help the analysis of x86/x86_64 binaries written in Delphi programming language.

  pythondelphiida+ 4ida-proida-pluginidapythonidapro

  Python

  •

  Other

  •15•48•0•0•Updated Dec 19, 2024Dec 19, 2024

• ETI

  Public
  Python

  •

  BSD 2-Clause "Simplified" License

  •0•0•0•0•Updated Dec 11, 2024Dec 11, 2024

• grpc-rest-proxy

  Public
  Gateway automatically translating REST requests to gRPC

  Go

  •

  BSD 2-Clause "Simplified" License

  •0•6•0•0•Updated Nov 29, 2024Nov 29, 2024

• malware-ioc

  Public
  Indicators of Compromises (IOC) of our various investigations

  iocmalwaremisp+ 1yara

  YARA

  •

  BSD 2-Clause "Simplified" License

  •266•1.7k•0•0•Updated Nov 27, 2024Nov 27, 2024

• ESET-Integration

  Public
  Python

  •0•1•0•0•Updated Nov 13, 2024Nov 13, 2024

• nimfilt

  Public
  A collection of modules and scripts to help with analyzing Nim binaries

  nimreverse-engineeringida+ 7ida-promalware-analysisida-pluginnim-languageidapythonnim-langdemangling

  Python

  •

  BSD 2-Clause "Simplified" License

  •6•68•1•0•Updated Oct 7, 2024Oct 7, 2024

• ipyida

  Public
  IPython console integration for IDA Pro

  pythonipythonida+ 3ida-proida-pluginidapython

  Python

  •

  Other

  •73•751•7•2•Updated Sep 10, 2024Sep 10, 2024

• esac-api-client

  Public
  Example applications using the ESET Secure Authentication SDK.

  C#

  •1•1•0•0•Updated Jul 4, 2024Jul 4, 2024

• sampleshare

  Public
  ESET sample sharing platform, implementing the Norman Sampleshare Framework

  JavaScript

  •

  Other

  •1•1•0•0•Updated Jan 24, 2024Jan 24, 2024

• jupyter_client

  Public
  Jupyter protocol client APIs

  Python

  •

  Other

  •287•0•0•0•Updated Dec 6, 2022Dec 6, 2022

• jupyter-kernel-proxy

  Public
  Jupyter kernel acting as a proxy to any other, already running, kernel.

  Python

  •

  Other

  •0•3•0•0•Updated Nov 24, 2022Nov 24, 2022

• vulnerability-disclosures

  Public
  Repository of vulnerabilities disclosed by ESET

  5•28•0•0•Updated Jul 13, 2022Jul 13, 2022

• AlphaGolang

  Public
  IDAPython scripts for analyzing GoLang binaries

  Python

  •

  GNU General Public License v3.0

  •68•1•0•0•Updated Jun 23, 2022Jun 23, 2022

• wslink-vm-analyzer

  Public
  WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware

  virtual-machinereverse-engineeringmalware+ 2deobfuscationmiasm

  Python

  •

  Other

  •4•45•0•0•Updated Jun 5, 2022Jun 5, 2022

• eei-agent-linux-probes

  Public
  eBPF probes used by ESET Linux products

  linuxsecurityebpf

  C

  •

  GNU General Public License v2.0

  •0•1•0•0•Updated Mar 8, 2022Mar 8, 2022

• zgrab2

  Public
  Fast Go Application Scanner

  Go

  •

  Other

  •309•0•0•0•Updated Nov 29, 2021Nov 29, 2021

• stadeo

  Public
  Control-flow-flattening and string deobfuscator

  pythonstringsreverse-engineering+ 10malwaredeobfuscationcontrol-flowidaida-proidapythondeobfuscator+ 3

  Python

  •

  Other

  •15•148•1•0•Updated Nov 8, 2021Nov 8, 2021

• wslink-client

  Public
  WslinkClient is a client intended to communicate with Wslink, which is a unique loader running as a server

  reverse-engineeringmalware-analysis

  C

  •

  Other

  •0•12•0•0•Updated Oct 26, 2021Oct 26, 2021

• cvelist

  Public
  Pilot program for CVE submission through GitHub

  741•1•0•0•Updated Oct 22, 2021Oct 22, 2021

• kafka-browser

  Public
  Kafka message viewer

  javakafka

  CSS

  •

  Other

  •2•8•0•0•Updated Sep 21, 2021Sep 21, 2021

• zmap

  Public
  ZMap is a fast single packet network scanner designed for Internet-wide network surveys.

  C

  •

  Apache License 2.0

  •921•2•0•0•Updated Sep 16, 2021Sep 16, 2021

• HexRaysCodeXplorer

  Public
  Hex-Rays Decompiler plugin for better code navigation

  C++

  •392•0•0•0•Updated Oct 15, 2020Oct 15, 2020

• miasm

  Public
  Reverse engineering framework in Python

  Python

  •

  GNU General Public License v2.0

  •473•4•0•0•Updated Jul 24, 2020Jul 24, 2020

• cry-decryptor

  Public
  CryDecryptor is an Android application to decrypt files from device compromised by the CryCryptor ransomware

  androidmalware-researchdecryptor+ 1eset

  Java

  •

  Other

  •11•15•0•0•Updated Jul 2, 2020Jul 2, 2020

• FIDL

  Public
  A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

  Python

  •

  MIT License

  •68•2•0•0•Updated Nov 29, 2019Nov 29, 2019

• yara

  Public
  The pattern matching swiss knife

  C

  •

  BSD 3-Clause "New" or "Revised" License

  •1.5k•15•0•1•Updated Oct 28, 2019Oct 28, 2019

• idapython-src

  Public
  IDAPython project for Hex-Ray's IDA Pro

  Python

  •

  Other

  •288•8•0•0•Updated Oct 22, 2019Oct 22, 2019

• volatility-browserhooks

  Public
  Volatility Framework plugin to detect various types of hooks as performed by banking Trojans

  volatilitymalware-detectionvolatility-plugins+ 1volatility-framework

  Python

  •

  BSD 2-Clause "Simplified" License

  •14•40•0•0•Updated Dec 14, 2018Dec 14, 2018

• vba-dynamic-hook

  Public
  VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls

  Python

  •

  BSD 2-Clause "Simplified" License

  •39•147•0•0•Updated Mar 17, 2016Mar 17, 2016