A project that aims to automatically devirtualize code that has been virtualized using x86virt
☆127Dec 3, 2022Updated 3 years ago
Alternatives and similar repositories for x86devirt
Users that are interested in x86devirt are comparing it to the libraries listed below
Sorting:
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated 3 weeks ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆23May 31, 2017Updated 8 years ago
- Simple VM based x86 PE (portable exectuable) protector.☆369Mar 15, 2015Updated 11 years ago
- This is a simple driver with x64 inline assembly☆55Jun 26, 2020Updated 5 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- ☆179Nov 25, 2018Updated 7 years ago
- Simple VM-based scripting language☆13Feb 25, 2020Updated 6 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily☆14Oct 10, 2018Updated 7 years ago
- ☆12Feb 19, 2017Updated 9 years ago
- Automatic function exporting and linking for fuzzing cross-architecture binaries.☆51Sep 9, 2018Updated 7 years ago
- AllMemPro☆46Jan 15, 2018Updated 8 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- idenLib - Library Function Identification [This project is not maintained anymore]☆395Mar 17, 2019Updated 7 years ago
- ☆37Sep 8, 2015Updated 10 years ago
- PowerShell interpreter for unmanaged (non CLI) C++ projects☆16Jul 19, 2017Updated 8 years ago
- Windows 10 kernel and ntdll internal types, directly compatible with ida.☆53Oct 14, 2018Updated 7 years ago
- hook msr by amd svm☆125Dec 30, 2019Updated 6 years ago
- ☆82Dec 3, 2017Updated 8 years ago
- Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deo…☆887Nov 21, 2023Updated 2 years ago
- Virtual machine with a custom instruction set in C☆16Jul 17, 2018Updated 7 years ago
- Green shellcode challenge tools☆22Apr 9, 2019Updated 6 years ago
- PoC for a taint based attack on VMProtect☆123Jul 3, 2019Updated 6 years ago
- ☆29Jan 15, 2021Updated 5 years ago
- Hypervisor-based debugger☆191Dec 2, 2020Updated 5 years ago
- Internet Explorer MemoryProtection Mitigation☆32Jul 17, 2014Updated 11 years ago
- PinVMP:虚拟化代码辅助分析工具☆148May 27, 2018Updated 7 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS).☆80May 10, 2018Updated 7 years ago
- Sacara VM☆123Dec 17, 2019Updated 6 years ago
- Analyze PatchGuard☆56Aug 19, 2018Updated 7 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆79Jan 24, 2011Updated 15 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- PatchGuard Research☆304Oct 6, 2018Updated 7 years ago
- Symbolic debugging tool using JonathanSalwan/Triton☆25Oct 24, 2018Updated 7 years ago
- Reverse engineering tool for virtualization wrappers☆148Sep 7, 2023Updated 2 years ago
- writings on anti-reverse engineering.☆291Nov 13, 2021Updated 4 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆73Apr 14, 2017Updated 8 years ago
- An Ark tool project,run on Win7 x86/x64☆118Jul 11, 2017Updated 8 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Aug 12, 2015Updated 10 years ago
- VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.☆821Sep 7, 2020Updated 5 years ago