Name: RME-DisCo Research Group
Type: Organization
Bio: Official repository of RME, a part of the DisCo research group from University of Zaragoza focused on software and systems security
Location: Zaragoza, Spain
Blog: https://reversea.me
RME-DisCo Research Group's Projects
A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor lookup of approximate matching hashes
Telegram bot to facilitate entering in-person attendance data in EINA classrooms
CAPEv2 (capemon) hook skeleton generator (hookdefs) for your malware analysis needs.
capemon: CAPE's monitor
Chiton is a Python library to exfiltrate data by encapsulating it in IoT protocol packets
Dump Module Mixer (dumd-mixer) is a Python script to generate a module from the same module extracted from a collection of memory dumps.
EvalMe: an evaluation and benchmarking tool
Tool to find memory artifacts present in instant messaging applications.
Volatility plugin to detect malicious code using ClamAV
MALVADA: Malware Execution Traces Dataset generation.
Volatility 3 plugins to extract a module as complete as possible
MOSTO is a SCADA network device simulator based on ModbusTCP communications. Based on Python 3.
TLS/SSL and crypto library
A pintool for protecting a sandbox application against common anti-virtual-machine and anti-sandbox detection techniques
Volatility plugin to calculate and compare Windows processes fuzzy hashes
Volatility plugin to obtain the number of resident memory pages per module (exe or dll) and per driver from a Windows memory dump.
A tool to search for gadgets, operations, and ROP chains using a backtracking algorithm in a tree-like structure
C++ Sockets implementing hybrid encryption
Volatility plugin to validate Authenticode-signed processes, either with embedded signature or catalog-signed
Volatility plugin to yield and compare similarity digests of modules on execution.
Volatility 2.6 plugin to undo modifications done by relocation process on modules
Windows API (WinAPI) functions and system calls with categories in JSON format, including arguments (SAL notation) and more.
Tool to extract contents from the memory of Windows systems.
Volatility plugin to search for all Autostart Extensibility Points (ASEPs)