A project that aims to automatically devirtualize code that has been virtualized using x86virt
☆126Dec 3, 2022Updated 3 years ago
Alternatives and similar repositories for x86devirt
Users that are interested in x86devirt are comparing it to the libraries listed below
Sorting:
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Updated this week
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22May 31, 2017Updated 8 years ago
- This is a simple driver with x64 inline assembly☆55Jun 26, 2020Updated 5 years ago
- Simple VM based x86 PE (portable exectuable) protector.☆366Mar 15, 2015Updated 10 years ago
- ☆178Nov 25, 2018Updated 7 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- hook msr by amd svm☆125Dec 30, 2019Updated 6 years ago
- Automatic function exporting and linking for fuzzing cross-architecture binaries.☆51Sep 9, 2018Updated 7 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Oct 10, 2018Updated 7 years ago
- Simple VM-based scripting language☆13Feb 25, 2020Updated 6 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- ☆82Dec 3, 2017Updated 8 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS).☆80May 10, 2018Updated 7 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- writings on anti-reverse engineering.☆290Nov 13, 2021Updated 4 years ago
- Hypervisor-based debugger☆191Dec 2, 2020Updated 5 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆53Oct 14, 2018Updated 7 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆73Apr 14, 2017Updated 8 years ago
- PinVMP:虚拟化代码辅助分析工具☆148May 27, 2018Updated 7 years ago
- Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.☆24Jan 23, 2018Updated 8 years ago
- Green shellcode challenge tools☆22Apr 9, 2019Updated 6 years ago
- An Ark tool project,run on Win7 x86/x64☆118Jul 11, 2017Updated 8 years ago
- VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.☆821Sep 7, 2020Updated 5 years ago
- PowerShell interpreter for unmanaged (non CLI) C++ projects☆16Jul 19, 2017Updated 8 years ago
- ☆29Jan 15, 2021Updated 5 years ago
- PoC for a taint based attack on VMProtect☆123Jul 3, 2019Updated 6 years ago
- Analyze PatchGuard☆56Aug 19, 2018Updated 7 years ago
- idenLib - Library Function Identification [This project is not maintained anymore]☆395Mar 17, 2019Updated 6 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆79Jan 24, 2011Updated 15 years ago
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆266Jul 6, 2017Updated 8 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆188Jun 24, 2019Updated 6 years ago
- kHypervisor is a lightweight bluepill-like nested VMM for Windows, it provides and emulating a basic function of Intel VT-x☆443Nov 29, 2021Updated 4 years ago
- Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deo…☆884Nov 21, 2023Updated 2 years ago
- Symbolic debugging tool using JonathanSalwan/Triton☆25Oct 24, 2018Updated 7 years ago
- Reverse engineering tool for virtualization wrappers☆147Sep 7, 2023Updated 2 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- PatchGuard Research☆304Oct 6, 2018Updated 7 years ago