Ghidra 9.2 has been released!
This version has improvements to analysis, the user interface, new open source based graphing, decompiler quality enhancements, and more!
https://ghidra-sre.org/
Reverse Engineering with Ghidra | HackadayU
https://www.youtube.com/playlist?list=PL_tws4AXg7auglkFo6ZRoWGXnWL0FHAEi
Malware Capabilities
Starting with version 4.1, MAEC offers a standard way of capturing the set of high-level abilities that a malware instance possesses, which we term Capabilities. For instance, to state that a malware instance is capable of exfiltrating data, one may simply specify a single MAEC "Data Exfiltration" Capability. We have defined an initial set of Capabilities for the MAEC v4.1 release, which is captured in detail in the hierarchy below.
https://github.com/MAECProject/schemas/wiki/Malware-Capabilities
Malware Behavior Catalog v2.0
The Malware Behavior Catalog (MBC) is a catalog of malware objectives and behaviors, created to support malware analysis-oriented use cases, such as labeling, similarity analysis, and standardized reporting.
https://github.com/MBCProject/mbc-markdown
Collection of malware source code for a variety of platforms in an array of different programming languages.
https://github.com/vxunderground/MalwareSourceCode
Reverse Engineering: Process Hollowing | Process Doppelgang-ing Hybrid used by The Osiris Dropper
https://youtu.be/VPKjHBQyMR0
This video is a follow-up to The Unpacking of Osiris, covering how the dropper used a hybrid of Process Hollowing and Process Doppelgänging for its injection.
Unpacking Osiris: https://ghostinthehive.github.io/thehive/Unpacking-Osiris.html
Process Injection…
SRP Streams in MS Office Documents Reveal Earlier Versions of Malicious Macros
https://www.sans.org/blog/srp-streams-in-ms-office-documents-reveal-earlier-versions-of-malicious-macros/
ImHex
A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM.
https://github.com/WerWolv/ImHex
Program-transformation.org is dedicated to collecting, organizing and disseminating information about all aspects of program transformation in order to share results across communities.
http://www.program-transformation.org/
pe_unmapper
Convert between the PE alignments (raw and virtual).
https://github.com/hasherezade/libpeconv/tree/master/pe_unmapper
libpeconv: a library to load, manipulate and dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl
Should we create a general reverse engineering community on Telegram to share resources and discuss related topics?
Anonymous Poll
The official community group is up 🥳🥳🎉
Please read and remember to stick to the rules. Make it a valuable place for learning and sharing knowledge with each other. If anything is unclear, please ask for clarification. After that.
[[ Rules ]]
- The sole language in the chat is English. Messages in any other language will be removed and a warning will be issued.
- Off-topic messages will be removed without warning. This is not a technical support channel.
- Although this is already covered in the "no off-topic" rule, the high amount of offenders caused this to be a specific rule: asking for help after a ransomware infection or for cracking a software is off-topic and thus not permitted.
- Be civil, clear and concise when asking a question. No one in this chat is obliged to answer your question. Help is given on a voluntary basis, and cannot be demanded as such. Depending on the severity of the offense, a warning will be given. After a few warnings, you will be removed from the group on a permanent basis.
- Copyrighted material which is not to be distributed, is not to be distributed in this channel. Any form of illegal content sharing is strictly forbidden. Breaking this rule results in a permanent ban.
- Any illegal activity is forbidden, causing you to be permanently removed from the group without warning.
Enjoy!
@reverseengineeringz