Improved VMP Idea (detect anti-anti-debug tools by bug)
☆47 · Jun 7, 2023 · Updated 2 years ago
Alternatives and similar repositories for Unabomber
Users that are interested in Unabomber are comparing it to the libraries listed below
- Detect suspend your process ☆13 · Jun 7, 2023 · Updated 2 years ago
- Documents the reverse engineering and partial disabling of Steam's CEG anti-tamper protections in T6SP, while preserving its anti-piracy … ☆57 · May 6, 2025 · Updated 10 months ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations. ☆92 · Jul 28, 2024 · Updated last year
- ☆11 · Jul 12, 2022 · Updated 3 years ago
- Repository of different kernel drivers written while studying Windows NT Driver development ☆12 · Apr 14, 2024 · Updated last year
- Kernel ReClassEx ☆68 · Nov 21, 2023 · Updated 2 years ago
- Lightweight PDB symbol parser and resolver ☆28 · Oct 28, 2024 · Updated last year
- Symbolic Execution based on lifting amd64 to z3 ☆32 · Jul 2, 2024 · Updated last year
- llvm powered deobfuscation of a vm-based protection ☆52 · Feb 25, 2026 · Updated last week
- ☆20 · Oct 14, 2024 · Updated last year
- AMx64 is a simulated 64-bit environment that can interpret nasm-like asm code. It allows a usage of different 64-bit registers and 64-bit… ☆21 · Dec 22, 2023 · Updated 2 years ago
- Open sourced result for The Agent Company ☆21 · Nov 11, 2025 · Updated 3 months ago
- Disables virtualprotect checks/hooks so you can modify memory and change memory protection in binaries protected by VMProtect. ☆135 · Jun 13, 2021 · Updated 4 years ago
- Tiny C x86_64 function detouring library. ☆28 · Jan 18, 2026 · Updated last month
- A demonstration of hooking into the VMProtect-2 virtual machine ☆24 · Nov 9, 2023 · Updated 2 years ago
- ETrace is a syscall tracing utility powered by eBPF ☆26 · Feb 26, 2023 · Updated 3 years ago
- x86-64 Automated test data generator ☆26 · Aug 18, 2025 · Updated 6 months ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking ☆53 · Aug 28, 2022 · Updated 3 years ago
- Example WDF/KMDF driver and test app demonstrating the "inverted call model" ☆37 · May 1, 2020 · Updated 5 years ago
- An optimizing decompiler (modified to use remill semantics) ☆30 · Jan 4, 2019 · Updated 7 years ago
- PDB Rewriting Rust Library ☆27 · Apr 26, 2024 · Updated last year
- A repository filled with ideas to break/detect direct syscall techniques ☆26 · Apr 21, 2022 · Updated 3 years ago
- Rust library for lifting raw binary data to LLVM IR ☆64 · Jul 18, 2025 · Updated 7 months ago
- PoC over some VMP features ☆24 · Jul 26, 2025 · Updated 7 months ago
- PoC code for IsValidImageCRC() ☆22 · May 3, 2023 · Updated 2 years ago
- VMP Mutation API Fix ☆44 · Feb 17, 2022 · Updated 4 years ago
- Disarm — Fast AArch64 Decode/Encoder ☆45 · Dec 21, 2024 · Updated last year
- Call VmProtect functions directly from your Tauri WebView. ☆13 · Jan 31, 2026 · Updated last month
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u… ☆68 · Feb 7, 2024 · Updated 2 years ago
- Another ( there are few ) repository with FLIRT signatures ☆28 · Aug 11, 2024 · Updated last year
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu… ☆25 · Mar 26, 2020 · Updated 5 years ago
- Function hooks in Windows NT Kernel ☆27 · Oct 13, 2020 · Updated 5 years ago
- ☆15 · Aug 17, 2023 · Updated 2 years ago
- My Personal Kernel-Mode Process dumper ☆13 · Feb 18, 2024 · Updated 2 years ago
- VMProtect2 Deobfuscation Tooling ☆90 · Nov 12, 2025 · Updated 3 months ago
- Self-hosting binary instrumentation framework for security research ☆12 · Apr 10, 2023 · Updated 2 years ago
- Compiler for reverse engineers ☆44 · Jan 29, 2026 · Updated last month
- This project demonstrates multiple protection and anti-analysis techniques, including self-modifying code. ☆14 · Oct 9, 2023 · Updated 2 years ago
- Test data for x86 instructions ☆13 · Apr 13, 2021 · Updated 4 years ago