@reverseame

RME-DisCo Research Group

Official repository of RME, a part of the DisCo research group from the University of Zaragoza, focused on software and systems security

Popular repositories

  1. winapi-categories Public

    Windows API (WinAPI) functions and system calls with categories in JSON format, including arguments (SAL notation) and more.

    Python 24 2

  2. sigcheck Public

    Volatility plugin to validate Authenticode-signed processes, either with embedded signature or catalog-signed

    Python 21 4

  3. rop3 Public

    A tool to search for gadgets, operations, and ROP chains using a backtracking algorithm in a tree-like structure

    Python 19

  4. windows-memory-extractor Public

    Tool to extract contents from the memory of Windows systems.

    C++ 13 3

  5. modex Public

    Volatility 3 plugins to extract a module as complete as possible

    Python 12

  6. pinVMShield Public

    A pintool for protecting a sandbox application against common anti-virtual-machine and anti-sandbox detection techniques

    C++ 11 2

Repositories

Showing 10 of 36 repositories
  • heaplist Public

    Volatility 3 plugin to extract the heap from Windows memory images

    Python 0 GPL-3.0 0 0 0 Updated Dec 20, 2025
  • BinTopsy Public

    A lightweight Python toolkit for static malware analysis, binary entropy visualization, and threat intelligence gathering. Includes tools for disassembly, YARA scanning, and VirusTotal automation.

    Python 2 GPL-3.0 0 0 0 Updated Nov 26, 2025
  • APOTHEOSIS Public

    A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor lookup of approximate matching hashes

    Python 9 GPL-3.0 3 0 0 Updated Nov 17, 2025
  • Characterizing-TTPs-in-the-macOS-Threat-Landscape Public

    Source data and Scripts used for the paper: Characterizing Tactics, Techniques, and Procedures in the macOS Threat Landscape

    Python 0 0 0 0 Updated Nov 12, 2025
  • MalGraphIQ Public

    Transform your malware sandbox reports and execution traces into behavior and category graphs and plot their Windows Behavior Catalog (WBC) behavior identification.

    Python 0 GPL-3.0 1 0 0 Updated Oct 22, 2025
  • KeyReaper Public

    KeyReaper: Memory Forensic Driven Key Extraction

    C++ 2 LGPL-3.0 1 0 0 Updated Sep 19, 2025
  • rme-Python-toolkit Public

    A collection of Python tools developed and maintained by the Reverseame research group.

    Python 0 0 0 0 Updated Sep 1, 2025
  • exploring-ZeroShot-LLM-DGA Public

    A framework for evaluating Large Language Models in zero-shot detection of Algorithmically Generated Domains (AGDs) used by malware for Command and Control communication.

    Python 0 GPL-3.0 0 0 0 Updated Jul 18, 2025
  • LLM-DGA-lab Public

    Framework for evaluating Large Language Models in zero-shot detection of Algorithmically Generated Domains (AGDs). Supports 9 LLMs across 4 vendors with binary/multiclass classification and reproducible experiments.

    Python 0 GPL-3.0 0 0 0 Updated Jul 18, 2025
  • MALVADA Public

    MALVADA: Malware Execution Traces Dataset generation.

    Python 6 GPL-3.0 2 0 0 Updated Jul 12, 2025
