triage-collector is a triage collection tool for fast forensic.

https://github.com/herosi/triage-collector

VMUnprotect.Dumper can dynamically untamper VMProtected Assembly

https://github.com/void-stack/VMUnprotect.Dumper

a suite of utilities and libraries that enables analysis of binary programs. BAP supports x86, x86-64, ARM, MIPS, PowerPC and new architectures can be added using plugins. BAP includes various analyses, standard interpreter, microexecution interpreter, and a symbolic executor.

https://github.com/BinaryAnalysisPlatform/bap?s=09

Unpacking Malware Like A Pro - Workshop / Felipe Duarte

https://www.youtube.com/watch?v=NJyc5IcXIQ4

PE file viewer/editor for Windows, Linux and MacOS.

https://github.com/horsicq/XPEViewer?s=09

Unofficial YARA IDA Pro plugin, along with an unparalleled crypto/hash/compression rule set based on Luigi Auriemma's signsrch signatures.

https://github.com/kweatherman/yara4ida

Взамен устаревшего Signsearch плагина

Windows Drivers Reverse Engineering Methodology

https://voidsec.com/windows-drivers-reverse-engineering-methodology/

ебануться я вам ссылок накидал, сохранял для себя, пусть тут будет

Коротко о моих сохраненных сообщениях телеграма

кстати очень вкусно, попробуйте, это я рецепт сам придумал ахахха

Official x64dbg plugin for Binary Ninja.

https://github.com/x64dbg/x64dbgbinja

An introduction to reverse engineering .NET AOT applications

https://harfanglab.io/en/insidethelab/reverse-engineering-ida-pro-aot-net/

LLVM обфускатор

LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.

https://github.com/janoglezcampos/llvm-yx-callobfuscator

+

Дамп памяти процесса (apk, ios ipa, ...) фридой

https://github.com/Nightbringer21/fridump

Пример:
https://medium.com/@prnz_offl/dumping-android-application-memory-with-fridump-7adf2ca48fa3

про клик фермы
https://www.huckmag.com/article/inside-the-weird-shady-world-of-click-farms

Frida cкрипт, позволяет расшифровывать schannel TLS трафик (IIS, RDP, IE, Outlook, Powershell,LDAP,...) (проверил, работает на Windows 11. На Win7 не работает)

https://github.com/ngo/win-frida-scripts/tree/master/lsasslkeylog-easy

Статья:

Decrypting Schannel TLS traffic. Part 1. Getting secrets from lsass

Fuzzer for Windows kernel syscalls

https://github.com/waleedassar/SimpleNTSyscallFuzzer

What Every Malware Analyst Should Know About PE Relocations

http://malwareid.in/unpack/unpacking-basics/pe-relocation-table

Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability (CVE-2023-6546)

https://github.com/Nassim-Asrir/ZDI-24-020/