{"payload":{"pageCount":4,"repositories":[{"type":"Public","name":"flare-floss","owner":"mandiant","isFork":false,"description":"FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.","allTopics":["strings","deobfuscation","flare","gsoc-2024","malware","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":9,"issueCount":91,"starsCount":3179,"forksCount":446,"license":"Apache License 2.0","participation":[2,0,0,9,5,2,13,15,3,7,0,16,2,1,0,13,0,0,3,0,0,0,2,3,12,14,0,0,1,11,6,8,1,0,1,5,3,9,7,0,0,0,0,0,0,0,0,0,0,0,0,9],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-23T15:42:04.973Z"}},{"type":"Public","name":"capa","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source tool to identify capabilities in executable files.","allTopics":["reverse-engineering","malware-analysis","binary-analysis","threat-intelligence"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":16,"issueCount":214,"starsCount":4116,"forksCount":514,"license":"Apache License 2.0","participation":[12,10,25,83,9,11,19,21,9,35,4,8,6,1,10,12,11,13,23,4,16,14,9,6,3,10,2,2,3,5,10,14,12,6,6,20,15,34,36,7,13,23,26,37,38,52,48,40,24,1,21,23],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-23T14:50:59.756Z"}},{"type":"Public","name":"macos-UnifiedLogs","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Rust","color":"#dea584"},"pullRequestCount":1,"issueCount":7,"starsCount":206,"forksCount":14,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,4,3,3,0,0,0,0,2,4,0,0,0,0,0,0,0,5,0,1,0,1,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-23T12:52:57.816Z"}},{"type":"Public","name":"capa-rules","owner":"mandiant","isFork":false,"description":"Standard collection of rules for capa: the tool for enumerating the capabilities of programs","allTopics":[],"primaryLanguage":null,"pullRequestCount":2,"issueCount":85,"starsCount":521,"forksCount":157,"license":"Apache License 2.0","participation":[2,2,27,4,5,0,1,8,14,10,4,4,2,0,3,3,3,6,0,2,2,7,5,1,0,0,0,0,0,0,5,3,0,0,3,6,3,3,0,0,0,0,0,1,4,4,7,0,0,2,4,5],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-22T12:09:07.950Z"}},{"type":"Public","name":"PwnAuth","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":10,"issueCount":2,"starsCount":362,"forksCount":89,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-20T15:16:09.570Z"}},{"type":"Public","name":"VM-Packages","owner":"mandiant","isFork":false,"description":"Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.","allTopics":["reverse-engineering","malware-analysis","chocolatey-packages","flare"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":8,"issueCount":92,"starsCount":138,"forksCount":62,"license":"Apache License 2.0","participation":[16,12,19,32,15,11,19,8,15,4,16,25,41,0,18,12,30,16,12,13,20,29,19,34,0,4,19,10,27,30,23,4,22,23,4,20,17,15,14,3,0,4,3,5,0,3,2,25,10,7,2,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-18T22:25:01.494Z"}},{"type":"Public","name":"capa-testfiles","owner":"mandiant","isFork":false,"description":"Data to test capa's code and rules.","allTopics":[],"primaryLanguage":{"name":"Max","color":"#c4a79c"},"pullRequestCount":5,"issueCount":0,"starsCount":39,"forksCount":64,"license":"Apache License 2.0","participation":[0,0,1,3,0,0,0,1,2,1,0,0,0,0,4,1,0,0,0,1,0,0,1,1,1,1,0,3,5,2,2,0,1,0,0,8,4,3,2,0,1,0,2,0,0,11,6,0,2,2,8,1],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-16T12:18:19.691Z"}},{"type":"Public","name":"dncil","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":7,"issueCount":2,"starsCount":133,"forksCount":15,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,6,2,2,0,0,3,0,0,0,0,0,3,0,0,2,2,1,0,1,1,0,3,0,0,1,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-16T09:08:02.933Z"}},{"type":"Public","name":"flare-vm","owner":"mandiant","isFork":false,"description":"A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.","allTopics":["reverse-engineering","malware-analysis","flare"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":1,"issueCount":17,"starsCount":6390,"forksCount":900,"license":"Apache License 2.0","participation":[7,1,17,6,0,0,3,0,15,1,0,7,3,0,1,0,5,1,0,0,4,2,1,4,0,2,1,2,2,0,5,0,0,6,4,0,2,0,0,1,0,0,2,0,0,0,1,3,10,10,1,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-13T21:29:15.587Z"}},{"type":"Public","name":"gocrack-ui","owner":"mandiant","isFork":false,"description":"The User Interface for GoCrack","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Vue","color":"#41b883"},"pullRequestCount":31,"issueCount":0,"starsCount":83,"forksCount":52,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-11T12:00:16.515Z"}},{"type":"Public","name":"commando-vm","owner":"mandiant","isFork":false,"description":"Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com","allTopics":["penetration-testing","red-teaming","fireeye-flare","windows"],"primaryLanguage":{"name":"PowerShell","color":"#012456"},"pullRequestCount":1,"issueCount":5,"starsCount":6889,"forksCount":1286,"license":"Apache License 2.0","participation":[0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,1,4,3,0,3,0,0,0,0,0,3,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-10T05:39:40.571Z"}},{"type":"Public","name":"shelidate","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":0,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,2,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-09-05T06:21:04.693Z"}},{"type":"Public","name":"Vulnerability-Disclosures","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":0,"issueCount":0,"starsCount":185,"forksCount":60,"license":null,"participation":[0,0,0,0,2,0,2,3,0,0,0,0,3,0,0,2,0,0,4,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,4,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-30T22:31:53.021Z"}},{"type":"Public","name":"GoReSym","owner":"mandiant","isFork":false,"description":"Go symbol recovery tool","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":4,"issueCount":8,"starsCount":548,"forksCount":64,"license":"MIT License","participation":[0,7,9,0,0,0,2,0,0,4,0,0,0,0,0,0,0,0,0,6,0,1,0,0,0,0,0,0,0,2,0,0,2,0,0,1,0,7,0,0,0,0,0,0,1,0,1,4,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-19T16:29:48.020Z"}},{"type":"Public","name":"GeoLogonalyzer","owner":"mandiant","isFork":false,"description":"GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":4,"issueCount":5,"starsCount":195,"forksCount":55,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,1,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-12T13:38:22.591Z"}},{"type":"Public","name":"ADFSpoof","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":2,"starsCount":348,"forksCount":58,"license":"Apache License 2.0","participation":[0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-08-12T08:13:42.909Z"}},{"type":"Public","name":"gootloader","owner":"mandiant","isFork":false,"description":"Collection of scripts used to deobfuscate GOOTLOADER malware samples.","allTopics":["deobfuscation","gootloader"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":1,"starsCount":51,"forksCount":7,"license":"Apache License 2.0","participation":[4,4,0,0,4,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-26T19:03:33.624Z"}},{"type":"Public","name":"STrace","owner":"mandiant","isFork":false,"description":"A DTrace on Windows Reimplementation","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"C++","color":"#f34b7d"},"pullRequestCount":3,"issueCount":5,"starsCount":317,"forksCount":41,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-22T18:08:23.641Z"}},{"type":"Public","name":"stringsifter","owner":"mandiant","isFork":false,"description":"A machine learning tool that ranks strings based on their relevance for malware analysis.","allTopics":["machine-learning","strings","reverse-engineering","learning-to-rank","fireeye-flare","fireeye-data-science","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":2,"issueCount":5,"starsCount":675,"forksCount":124,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-15T18:27:12.004Z"}},{"type":"Public","name":"flare-ida","owner":"mandiant","isFork":false,"description":"IDA Pro utilities from FLARE team","allTopics":["reverse-engineering","ida-pro","ida-plugin","idapython","fireeye-flare","ida"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":22,"starsCount":2199,"forksCount":463,"license":"Apache License 2.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-09T17:07:53.755Z"}},{"type":"Public","name":"gocrack","owner":"mandiant","isFork":false,"description":"GoCrack is a management frontend for password cracking tools written in Go","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":8,"issueCount":18,"starsCount":1113,"forksCount":240,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-07-05T21:32:20.468Z"}},{"type":"Public","name":"flare-fakenet-ng","owner":"mandiant","isFork":false,"description":"FakeNet-NG - Next Generation Dynamic Network Analysis Tool","allTopics":["traffic-redirection","fakenet-ng","mandiant-flare","gsoc-2024","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":21,"issueCount":58,"starsCount":1766,"forksCount":358,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-01T05:09:02.110Z"}},{"type":"Public","name":"Ghidrathon","owner":"mandiant","isFork":false,"description":"The FLARE team's open-source extension to add Python 3 scripting to Ghidra.","allTopics":["gsoc-2024"],"primaryLanguage":{"name":"Java","color":"#b07219"},"pullRequestCount":2,"issueCount":16,"starsCount":688,"forksCount":54,"license":"Apache License 2.0","participation":[1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,12,0,0,2,0,0,0,0,0,0,1,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-08T19:29:24.034Z"}},{"type":"Public","name":"speakeasy","owner":"mandiant","isFork":false,"description":"Windows kernel and user mode emulation.","allTopics":["emulation","gsoc-2023","malware-analysis"],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":3,"issueCount":36,"starsCount":1476,"forksCount":228,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-12T05:04:33.443Z"}},{"type":"Public","name":"gocat","owner":"mandiant","isFork":false,"description":"Provides access to libhashcat","allTopics":["fireeye-flare"],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":4,"issueCount":1,"starsCount":29,"forksCount":23,"license":"MIT License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-04-06T11:45:39.931Z"}},{"type":"Public","name":"ccmpwn","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":174,"forksCount":21,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,15,3,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-26T20:51:27.562Z"}},{"type":"Public","name":"red_team_tool_countermeasures","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"YARA","color":"#220000"},"pullRequestCount":1,"issueCount":2,"starsCount":2644,"forksCount":846,"license":"BSD 2-Clause \"Simplified\" License","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-03-05T10:19:46.866Z"}},{"type":"Public","name":"flare-gsoc-2024","owner":"mandiant","isFork":false,"description":"Supporting resources and documentation for FLARE @ Google Summer of Code 2024","allTopics":[],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":15,"forksCount":1,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,6,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-02-12T16:36:17.283Z"}},{"type":"Public","name":"flare-floss-testfiles","owner":"mandiant","isFork":false,"description":"Resources for testing FLOSS by the FLARE team.","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":0,"issueCount":0,"starsCount":7,"forksCount":19,"license":null,"participation":[0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-02-05T09:33:52.197Z"}},{"type":"Public","name":"citrix-ioc-scanner-cve-2023-3519","owner":"mandiant","isFork":false,"description":"","allTopics":[],"primaryLanguage":{"name":"Shell","color":"#89e051"},"pullRequestCount":0,"issueCount":4,"starsCount":65,"forksCount":3,"license":"Apache License 2.0","participation":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-09-01T19:14:30.147Z"}}],"repositoryCount":93,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"mandiant repositories"}