Skip to content

@FFRI FFRI Security, Inc.

Change the repository type filter

All

    Repositories list

    32 repositories

    • XPRSecretConfigs

      Public
      XProtect Remediator "secret" configurations
      Apache License 2.0
      0100Updated Aug 14, 2025Aug 14, 2025

    • PoC-public

      Public
      Python
      Apache License 2.0
      13000Updated Aug 4, 2025Aug 4, 2025

    • XPRTestSuite

      Public
      A collection of scripts and documents to help future XProtect Remediator (XPR) research
      C++
      Apache License 2.0
      1300Updated Jul 22, 2025Jul 22, 2025

    • ShadeBIOS

      Public
      PoC code of Shade BIOS (stripped) presented at Black Hat USA 2025
      C
      Apache License 2.0
      74000Updated Jul 16, 2025Jul 16, 2025

    • ShowProvenanceInfo

      Public
      A tool to show the provenance information of a file or directory
      Swift
      Apache License 2.0
      0000Updated Jul 10, 2025Jul 10, 2025

    • RemediationBuilderDSLSpec

      Public
      A reverse-engineered RemediationBuilder DSL specification
      Swift
      Apache License 2.0
      0200Updated Jul 10, 2025Jul 10, 2025

    • OpenRemediationBuilder

      Public
      A Swift reimplementation of the RemediationBuilder DSL
      Swift
      Apache License 2.0
      0100Updated Jul 10, 2025Jul 10, 2025

    • ProvenanceChecker

      Public
      A simple tool to check how provenance sandbox works
      C
      Apache License 2.0
      0000Updated Jul 10, 2025Jul 10, 2025

    • binja-xpr-analyzer

      Public
      A Binary Ninja plugin for analyzing XProtect Remediator binaries.
      Python
      Apache License 2.0
      0300Updated Jul 10, 2025Jul 10, 2025

    • binja-missinglink

      Public
      A Binary Ninja plugin for analyzing indirect branch targets in x86_64 binaries.
      Python
      Apache License 2.0
      0100Updated Jul 10, 2025Jul 10, 2025

    • binja-swift-analyzer

      Public
      A Binary Ninja plugin for analyzing Swift binaries
      Python
      Apache License 2.0
      0500Updated Jul 10, 2025Jul 10, 2025

    • FEXRD

      Public
      Feature Extractor for FFRI Dataset
      feature-extractorffri-dataset
      Python
      Apache License 2.0
      3500Updated Aug 5, 2024Aug 5, 2024

    • FEXRD-test-files

      Public
      Test files for FEXRD
      Apache License 2.0
      0000Updated Aug 5, 2024Aug 5, 2024

    • orom-backdoor-research

      Public
      PoC code and tools for Black Hat USA 2024
      C
      Apache License 2.0
      32300Updated Aug 1, 2024Aug 1, 2024

    • ffridataset-scripts

      Public
      Make datasets like FFRI Dataset
      Python
      Apache License 2.0
      31221Updated Jul 23, 2024Jul 23, 2024

    • pypeid

      Public
      Yet another implementation of PEiD with yara-python
      Python
      Apache License 2.0
      2720Updated Jun 17, 2024Jun 17, 2024

    • LIEF

      Public
      LIEF - Library to Instrument Executable Formats
      C++
      Apache License 2.0
      674000Updated Apr 23, 2024Apr 23, 2024

    • eolh

      Public
      Bring Security Observability to Windows Containers
      Go
      Apache License 2.0
      455200Updated Apr 2, 2024Apr 2, 2024

    • eolh-docs

      Public
      HTML
      0000Updated Apr 2, 2024Apr 2, 2024

    • ProjectChameleon

      Public
      Analyzing CHPEV2 ARM64EC and ARM64X
      Python
      Apache License 2.0
      104911Updated Nov 2, 2023Nov 2, 2023

    • XtacPoisoning

      Public
      PoC code of XTA Cache Poisoning presented at Black Hat Asia 2023
      C++
      Apache License 2.0
      1300Updated May 10, 2023May 10, 2023

    • AotPoisoning

      Public
      PoC code of AOT poisoning presented at Black Hat Asia 2023
      Python
      Apache License 2.0
      11100Updated May 10, 2023May 10, 2023

    • radare2

      Public archive
      UNIX-like reverse engineering framework and command-line toolset
      radare2binary-translationradare2-pluginwindows10-armxta-cache
      C
      GNU Lesser General Public License v3.0
      3.1k800Updated Feb 17, 2023Feb 17, 2023

    • JSAC2023-GolangMalwareAnalysis

      Public
      Scripts introduced in JSAC2023 presentation on analysis of Go language malware
      Python
      Apache License 2.0
      1600Updated Jan 24, 2023Jan 24, 2023

    • magne-flame

      Public archive
      A fast and extensible fuzzing framework
      Rust
      Apache License 2.0
      0204Updated Jun 6, 2022Jun 6, 2022

    • ProjectChampollion

      Public
      Reverse engineering Rosetta 2 on M1 Mac
      macosreverse-engineeringmacosxghidramacos-m1rosetta2
      Python
      Apache License 2.0
      2441510Updated Aug 3, 2021Aug 3, 2021

    • visualize-package

      Public archive
      Compare npm packages by their development momentum
      TypeScript
      Apache License 2.0
      2211Updated May 7, 2021May 7, 2021

    • PackerDetectorConsideration

      Public
      Consideration of packer detection tool for FFRI Dataset scripts
      Jupyter Notebook
      Apache License 2.0
      0000Updated Mar 25, 2021Mar 25, 2021

    • PackerDetectionToolEvaluation

      Public
      Evaluation of packer type estimation/detection tools
      Python
      Apache License 2.0
      51300Updated Mar 24, 2021Mar 24, 2021

    • XtaTools

      Public
      PoC code and tools for Black Hat EU 2020
      code-injectionblack-hatwindows10-armshellcoderadare2xta-cachejit-binary-translation
      Python
      Apache License 2.0
      71700Updated Dec 9, 2020Dec 9, 2020