Hipepper / antiVMLinks
Ida pro plugin. The antiVM aims to quickly identify anti-virtual machine and anti-sandbox behavior. This can speed up malware analysis.
☆41Updated 2 years ago
Alternatives and similar repositories for antiVM
Users that are interested in antiVM are comparing it to the libraries listed below
Sorting:
- 使用 Intel 虚拟化特性实现应用层HOOK☆61Updated 5 months ago
- 跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式…☆69Updated last year
- ☆86Updated 4 years ago
- A POC to detect the exist of VMProtect 3 protection by search feature watermark.☆80Updated last year
- 一个仅使用2字节修改实现内核任意函数hook的方法。☆57Updated 2 months ago
- a IDA plugin helps you to manage your IDA Comments☆22Updated 10 months ago
- 大数字驱动逆向代码☆71Updated last year
- Exploit vulnerabilities in NeacSafe64.sys to achieve privilege escalation and kernel-mode shellcode execution☆20Updated last month
- VMProtectTest☆36Updated 2 years ago
- ida plugin to parse qt meta data☆77Updated 6 months ago
- ☆33Updated last year
- Control Flow Flattening Deobfuscator for Obfuscator-LLVM as a plugin for IDA Pro.☆40Updated 3 months ago
- Heaven's Gate implementation in C for constructing x64 Win32 API call in x86 WoW64 processes.☆71Updated 3 years ago
- IDA高级技巧 API符号自动识别库 IDASignMaker☆135Updated 4 years ago
- Win7内核私有符号结构转储☆68Updated 3 years ago
- 非编译时代码混淆,包括代码块拆分、代码乱序、常量加密、代码变异、抹除jcc、局部混淆等,主要提供框架以及思路☆31Updated 2 years ago
- Another LLVM-obfuscator based on LLVM-17. A fork of Arkari☆78Updated last year
- LLVM based "VM" obfuscator☆144Updated 4 years ago
- ZMQ and Messagepack Powered Remote Automation Plugin for x64dbg☆38Updated last week
- 一个用来做windows内核hook的框架☆172Updated 3 months ago
- 用来辅助分析VB程序的IDA插件☆25Updated 4 years ago
- 整合Pluto-Obfuscator和goron部分混淆,移植到LLVM-16.0.x,使用NewPassManager☆127Updated last year
- Kotoamatsukami is an obfuscator based on LLVM-17, utilizing LLVM's new pass to implement plug-in features, for obfuscating multiple langu…☆51Updated 4 months ago
- IDA Pro plugin AntiXorstr☆141Updated 5 months ago
- Automatically identify and extract potential anti-debugging techniques used by malware.☆161Updated 8 months ago
- 一个windows内核驱动分析框架,对内核所有导出函数进行挂钩监控☆57Updated 2 months ago
- IDA Plugin that fills in missing indirect CALL & JMP target information☆133Updated 6 months ago
- Obfuscator-LLVM for LLVM 16.x branch☆226Updated last year
- If you are cracking a mfc program, you may find this useful.☆70Updated 11 years ago
- Enum and Remove Hook in Windows☆38Updated 2 weeks ago