Alternatives and similar repositories for GAMBA

Users that are interested in GAMBA are comparing it to the libraries listed below

• mrT4ntr4 / MODeflattener
  MODeflattener deobfuscates control flow flattened functions obfuscated by OLLVM using Miasm.
  ☆198Updated 4 years ago
• bigBestWay / CodeObfs
  LLVM based "VM" obfuscator
  ☆150Updated 4 years ago
• LLVMParty / TicklingVMProtect
  Assets for the "Tickling VMProtect with LLVM" blog post.
  ☆163Updated 4 years ago
• pgarba / SiMBA-
  Port of MBA Solver SiMBA to C/C++ (MBA deobfuscation in real world applications)
  ☆105Updated 2 months ago
• DenuvoSoftwareSolutions / SiMBA
  Efficient Deobfuscation of Linear Mixed Boolean-Arithmetic Expressions
  ☆179Updated 2 years ago
• gdbinit / HexRaysDeob
  Hex-Rays OLLVM Deobfuscator and MicroCode Explorer
  ☆178Updated 5 years ago
• merces / showcomments
  IDA Pro plugin that displays all comments in a database
  ☆73Updated last month
• maskelihileci / IDA_Ollvm-unflattener
  Control Flow Flattening Deobfuscator for Obfuscator-LLVM as a plugin for IDA Pro.
  ☆89Updated 9 months ago
• AntoineBlaud / TheCodexRebirth
  Taint Analysis Engine and Trace Exploration : Overcome Obfuscation
  ☆51Updated 2 months ago
• kweatherman / ida_missinglink
  IDA Plugin that fills in missing indirect CALL & JMP target information
  ☆141Updated last year
• harlamism / IdaClu
  IdaClu is a version agnostic IDA Pro plugin for grouping similar functions. Pick an existing grouping algorithm or create your own.
  ☆177Updated 7 months ago
• quarkslab / qsynthesis
  Greybox Synthesizer geared for deobfuscation of assembly instructions.
  ☆164Updated 10 months ago
• overfl0 / IDAPython-pycharm-setup
  How to setup Pycharm to run scripts in IDA using the Run menu (or a keybind)
  ☆42Updated last year
• w00tzenheimer / d810-ng
  D810-ng (Next Generation) is an updated, tested, refactored, and optimized IDA Pro plugin used to deobfuscate code at decompilation time …
  ☆85Updated 3 weeks ago
• tomrus88 / OpenLumina
  IDA plugin that allows connecting to third party Lumina servers
  ☆138Updated 3 weeks ago
• zhkl0228 / d810
  D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode.
  ☆63Updated 4 years ago
• HongThatCong / FindCrypt3
  Find crypto constants IDA 7.x plugin
  ☆121Updated 3 years ago
• Sandspeare / ida2llvm
  ☆62Updated last year
• cbwang505 / unicorn-whpx
  跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式…
  ☆78Updated 2 years ago
• mmert11 / binaryshield-devirtualizer
  llvm powered deobfuscation of a vm-based protection
  ☆45Updated 8 months ago
• softsec-unh / MBA-Blast
  MBA-Blast is a tool for simplification of MBA expressions.
  ☆70Updated 4 years ago
• HexRaysSA / ida-domain
  IDA Domain API - Python interface for IDA Pro reverse engineering platform
  ☆226Updated last week
• 3intermute / arm64_silent_syscall_hook
  silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
  ☆151Updated last year
• CKCat / d810
  fork 自 https://gitlab.com/eshard/d810 添加了参考文章、测试样本，作为备份。
  ☆16Updated 4 years ago
• nhpcc502 / MBA-Obfuscator
  Non-linear Mixed Boolean-Arithmetic Expressions
  ☆69Updated last year
• allthingsida / strikeout
  IDA strike-out: A Hex-Rays decompiler plugin to patch the Ctree
  ☆125Updated last month
• HexRaysSA / ida-sdk
  This repository offers an open-source C++ SDK bindings for IDA, enabling custom plugin development and automation.
  ☆278Updated 2 weeks ago
• za233 / LLVMMyPass
  My toy llvm pass
  ☆138Updated 3 years ago
• goatmilkkk / nuitka-helper
  Symbol Recovery Tool for Nuitka Binaries
  ☆78Updated last year
• Rhydon1337 / linux-kernel-so-injector
  Kernel mode to user mode so injection
  ☆91Updated 5 years ago