KiFilterFiberContext / VMP3-Disasm

Related projects ⓘ

Alternatives and complementary repositories for VMP3-Disasm

• 67-6f-64 / AntiOreans-CodeDevirtualizer
  ☆23Updated last year
• MiroKaku / Musa.Core
  Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.
  ☆64Updated 2 weeks ago
• mike1k / HardwareBreakpoint
  X86/X64 Hardware Breakpoint Manager
  ☆39Updated 3 years ago
• momo5502 / ept-hook-detection
  Different aproaches to detecting EPT hooks
  ☆84Updated 2 years ago
• jonomango / chum
  Binary rewriter for 64-bit PE files.
  ☆43Updated 9 months ago
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆52Updated 9 months ago
• archercreat / vm_jit
  VM devirtualization PoC based on AsmJit and llvm
  ☆103Updated 3 years ago
• BeneficialCode / KReClassEx
  Kernel ReClassEx
  ☆62Updated 11 months ago
• Sinclairq / tp-emulator
  A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe
  ☆69Updated last year
• t0msa / vmp-analyzer
  A tool that aims to aid in finding VM entries in binaries protected by VMProtect 3.5
  ☆24Updated last year
• Anal-Repair / Vmp3_utils
  ☆36Updated 2 years ago
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆36Updated 2 years ago
• mrexodia / VMProtectTest
  VMProtectTest
  ☆36Updated last year
• r3bb1t / vmp_analyzer
  ☆36Updated last year
• CKCat / VMProtect-2-Reverse-Engineering
  ☆22Updated 2 years ago
• nblog / Vm2Import
  fix vmprotect import function used unicorn-engine.
  ☆91Updated last year
• Shhoya / MutantKiller
  VMP Mutation API Fix
  ☆38Updated 2 years ago
• not-wlan / instrumentation-callbacks
  based on https://github.com/secrary/Hooking-via-InstrumentationCallback
  ☆67Updated 5 years ago
• NewWorldComingSoon / UnknownField
  UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.
  ☆44Updated last year
• zhuhuibeishadiao / WskHttp
  Windows kernel drivers simple HTTP library for modern C++
  ☆41Updated 6 years ago
• mike1k / ImportCallObfuscator
  Obfuscate calls to imports by patching in stubs
  ☆64Updated 3 years ago
• gmh5225 / Detection-CheatEngine
  Using ReadDirectoryChangesW to detect CheatEngine
  ☆44Updated 2 years ago
• Ahora57 / Unabomber
  Improved VMP Idea(detect anti-anti-debug tools by bug)
  ☆40Updated last year
• mzakocs / VirtualizationObfuscatorAnalysis
  A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators
  ☆62Updated 2 years ago
• crtdll / bedaisy-reversal
  Some psuedo snippets from BattlEye's BEDaisy.sys loaded on Rainbow Six: Siege.
  ☆122Updated 2 years ago
• UCFoxi / VTableKFunctionHook
  This project will give you an example how you can hook a kernel vtable function that cannot be directly called
  ☆80Updated 2 years ago
• sunwm518 / VMProtect-3-5-DEvirt
  VMProtect, VMP, Devirter, 3,5
  ☆104Updated last year
• nelfo / PGHooker
  PAGE_GUARD based hooking library
  ☆39Updated 2 years ago
• mike1k / pepp
  C++ library for parsing and manipulating PE files statically and dynamically.
  ☆83Updated last year