KiFilterFiberContext / VMP3-Disasm
Experimental disassembler for x86 binaries virtualized by VMProtect 3
☆91Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for VMP3-Disasm
- ☆23Updated last year
- Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.☆64Updated 2 weeks ago
- X86/X64 Hardware Breakpoint Manager☆39Updated 3 years ago
- Different aproaches to detecting EPT hooks☆84Updated 2 years ago
- Binary rewriter for 64-bit PE files.☆43Updated 9 months ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆52Updated 9 months ago
- VM devirtualization PoC based on AsmJit and llvm☆103Updated 3 years ago
- Kernel ReClassEx☆62Updated 11 months ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆69Updated last year
- A tool that aims to aid in finding VM entries in binaries protected by VMProtect 3.5☆24Updated last year
- ☆36Updated 2 years ago
- A poc that abuses Enclave☆36Updated 2 years ago
- VMProtectTest☆36Updated last year
- ☆36Updated last year
- ☆22Updated 2 years ago
- fix vmprotect import function used unicorn-engine.☆91Updated last year
- VMP Mutation API Fix☆38Updated 2 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆67Updated 5 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated last year
- Windows kernel drivers simple HTTP library for modern C++☆41Updated 6 years ago
- Obfuscate calls to imports by patching in stubs☆64Updated 3 years ago
- Using ReadDirectoryChangesW to detect CheatEngine☆44Updated 2 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆40Updated last year
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆62Updated 2 years ago
- Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.☆122Updated 2 years ago
- This project will give you an example how you can hook a kernel vtable function that cannot be directly called☆80Updated 2 years ago
- VMProtect, VMP, Devirter, 3,5☆104Updated last year
- PAGE_GUARD based hooking library☆39Updated 2 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆83Updated last year