Battelle / REpsych
Psychological warfare in reverse engineering
☆179 · Updated 6 years ago
Related projects:
- Code deobfuscation framework to simplify Mixed Boolean-Arithmetic (MBA) expressions ☆280 · Updated 4 months ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution… ☆195 · Updated 2 years ago
- Windows NT x64 syscall fuzzer ☆584 · Updated last year
- An analysis of the Warbird virtual-machine protection for the CI!g_pStore ☆217 · Updated 6 years ago
- This project provides a collection of Microsoft Windows kernel structures, unions and enumerations. Most of them are not officially docum… ☆159 · Updated 3 months ago
- Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used … ☆127 · Updated last year
- Tutorial on how to write the dumbest obfuscator I could think of. ☆166 · Updated 4 years ago
- abyss - augmentation of Hexrays decompiler output ☆324 · Updated last year
- Simple VM based x86 PE (portable executable) protector. ☆325 · Updated 9 years ago
- Control-flow-flattening and string deobfuscator ☆145 · Updated 2 years ago
- Official x64dbg plugin for IDA Pro. ☆440 · Updated last year
- AntiDebugging sample sources written in C++ ☆333 · Updated 6 years ago
- Shell extension for opening executables in IDA ☆182 · Updated last year
- Debug Child Process Tool (auto attach) ☆267 · Updated last year
- IDA Pro plugin to manage classes ☆271 · Updated last week
- IDA Pro plugin to make bitfield accesses easier to grep ☆221 · Updated 5 months ago
- DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers. ☆350 · Updated 4 years ago
- Yet another windows internals repo ☆202 · Updated 3 years ago
- SimpleSvmHook is a research purpose hypervisor for Windows on AMD processors. ☆345 · Updated 3 years ago
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation. ☆506 · Updated last month
- A small bootkit which does not rely on x64 assembly. ☆429 · Updated 5 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆203 · Updated 4 years ago
- Reverse engineering tutorials ☆155 · Updated 6 years ago
- Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver. ☆308 · Updated 5 months ago
- ☆90 · Updated 3 years ago
- A library to develop kernel level Windows payloads for post HVCI era ☆355 · Updated 3 years ago
- IFL - Interactive Functions List (plugin for IDA Pro) ☆422 · Updated 2 months ago
- Anti-debugging techniques on a (bad looking) Win32 application. ☆232 · Updated 5 months ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI. ☆822 · Updated 4 years ago
- A collection of LLVM transform and analysis passes to write shellcode in regular C ☆368 · Updated last year