10000 mandiant repositories · GitHub
[go: up one dir, main page]
Skip to content

@mandiant MANDIANT

Change the repository type filter

All

    Repositories list

    101 repositories

    • capa

      Public
      The FLARE team's open-source tool to identify capabilities in executable files.
      reverse-engineeringmalware-analysisbinary-analysisthreat-intelligencegsoc-2026
      Python
      Apache License 2.0
      6515.8k24933Updated Jan 28, 2026Jan 28, 2026

    • capa-rules

      Public
      Standard collection of rules for capa: the tool for enumerating the capabilities of programs
      Apache License 2.0
      2096721238Updated Jan 28, 2026Jan 28, 2026

    • Vulnerability-Disclosures

      Public
      C++
      7021200Updated Jan 28, 2026Jan 28, 2026

    • capa-testfiles

      Public
      Data to test capa's code and rules.
      Max
      Apache License 2.0
      814705Updated Jan 28, 2026Jan 28, 2026

    • macos-UnifiedLogs

      Public
      A cross platform parser for Apple UnifiedLogs!
      macosrustappleforensicsdfir
      Rust
      Apache License 2.0
      3731640Updated Jan 28, 2026Jan 28, 2026

    • flare-gsoc

      Public
      Supporting resources and documentation for FLARE @ Google Summer of Code 2025
      Apache License 2.0
      83200Updated Jan 27, 2026Jan 27, 2026

    • harbinger

      Public
      Python
      Apache License 2.0
      15142017Updated Jan 26, 2026Jan 26, 2026

    • dncil

      Public
      The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
      Python
      Apache License 2.0
      1917122Updated Jan 26, 2026Jan 26, 2026

    • flare-floss

      Public
      FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
      stringsmalwaredeobfuscationmalware-analysisflaregsoc-2026
      Python
      Apache License 2.0
      5143.9k9414Updated Jan 26, 2026Jan 26, 2026

    • gocrack-ui

      Public
      The User Interface for GoCrack
      fireeye-flare
      Vue
      MIT License
      5088037Updated Jan 24, 2026Jan 24, 2026

    • stringsifter

      Public
      A machine learning tool that ranks strings based on their relevance for malware analysis.
      machine-learningstringsreverse-engineeringlearning-to-rankmalware-analysisfireeye-flarefireeye-data-science
      Python
      Apache License 2.0
      12674983Updated Jan 22, 2026Jan 22, 2026

    • VM-Packages

      Public
      Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
      reverse-engineeringmalware-analysischocolatey-packagesflare
      PowerShell
      Apache License 2.0
      9321410811Updated Jan 21, 2026Jan 21, 2026

    • GoReSym

      Public
      < 10BC0 /div>
      Go symbol recovery tool
      gsoc-2026
      Go
      MIT License
      8989583Updated Jan 13, 2026Jan 13, 2026

    • PwnAuth

      Public
      Python
      Apache License 2.0
      97398210Updated Jan 7, 2026Jan 7, 2026

    • speakeasy

      Public
      Windows kernel and user mode emulation.
      emulationmalware-analysis
      Python
      MIT License
      2731.8k434Updated Jan 6, 2026Jan 6, 2026

    • gootloader

      Public
      Collection of scripts used to deobfuscate GOOTLOADER malware samples.
      deobfuscationgootloader
      Python
      Apache License 2.0
      97710Updated Dec 29, 2025Dec 29, 2025

    • flare-vm

      Public
      A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
      reverse-engineeringmalware-analysisflare
      PowerShell
      Apache License 2.0
      1.1k8.3k206Updated Dec 23, 2025Dec 23, 2025

    • xrefer

      Public
      FLARE Team's Binary Navigator
      reverse-engineeringida-promalware-analysisbinary-analysisidapythonthreat-intelligenceidaplugingsoc-2026
      Python
      Apache License 2.0
      4030285Updated Dec 16, 2025Dec 16, 2025

    • flare-fakenet-ng

      Public
      FakeNet-NG - Next Generation Dynamic Network Analysis Tool
      malware-analysistraffic-redirectionfakenet-ngmandiant-flaregsoc-2026
      Python
      Apache License 2.0
      3792.1k6222Updated Dec 9, 2025Dec 9, 2025

    • vrt-sdk

      Public
      Python
      Apache License 2.0
      3100Updated Nov 24, 2025Nov 24, 2025

    • gocrack

      Public
      GoCrack is a management frontend for password cracking tools written in Go
      fireeye-flare
      Go
      MIT License
      2411.3k189Updated Nov 19, 2025Nov 19, 2025

    • brickstorm-scanner

      Public
      Shell
      148321Updated Nov 14, 2025Nov 14, 2025

    • cleanldap

      Public
      C
      Apache License 2.0
      59700Updated Oct 21, 2025Oct 21, 2025

    • commando-vm

      Public
      Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
      windowspenetration-testingred-teamingfireeye-flare
      PowerShell
      Apache License 2.0
      1.3k7.5k62Updated Oct 16, 2025Oct 16, 2025

    • STrace

      Public
      A DTrace on Windows Reimplementation
      gsoc-2024
      C++
      MIT License
      4936972Updated Oct 3, 2025Oct 3, 2025

    • vrt-auto

      Public
      Python
      Apache License 2.0
      3100Updated Aug 29, 2025Aug 29, 2025

    • flare-floss-testfiles

      Public
      Resources for testing FLOSS by the FLARE team.
      C
      20700Updated Aug 29, 2025Aug 29, 2025

    • flare-emu

      Public
      emulationmalware-analysisfireeye-flare
      Python
      Apache License 2.0
      14092251Updated Aug 14, 2025Aug 14, 2025

    • ADFSpoof

      Public
      Python
      Apache License 2.0
      6940725Updated Jun 5, 2025Jun 5, 2025

    • poisonplug-scatterbrain

      Public
      Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator
      Python
      Apache License 2.0
      107500Updated Mar 14, 2025Mar 14, 2025
    0