KiFilterFiberContext / VMP3-DisasmLinks
Experimental disassembler for x86 binaries virtualized by VMProtect 3
☆96Updated 3 years ago
Alternatives and similar repositories for VMP3-Disasm
Users that are interested in VMP3-Disasm are comparing it to the libraries listed below
Sorting:
- fix vmprotect import function used unicorn-engine.☆97Updated 2 years ago
- VMP Mutation API Fix☆42Updated 3 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 3 years ago
- A debugger library using VEH.☆64Updated last year
- A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.).☆74Updated 3 years ago
- Code virtualizer☆25Updated 9 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Updated 4 years ago
- ☆23Updated 3 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆62Updated last year
- ☆36Updated 3 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆72Updated 2 years ago
- VM devirtualization PoC based on AsmJit and llvm☆112Updated 4 years ago
- Kernel ReClassEx☆64Updated last year
- VMProtectTest☆40Updated 2 years ago
- Using ReadDirectoryChangesW to detect CheatEngine☆50Updated 3 years ago
- direct systemcalls with a modern c++20 interface.☆44Updated 2 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆30Updated 3 years ago
- X86/X64 Hardware Breakpoint Manager☆42Updated 4 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆42Updated 3 years ago
- ☆98Updated 8 years ago
- Obfuscate calls to imports by patching in stubs☆71Updated 4 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking☆53Updated 3 years ago
- VMProtect, VMP, Devirter, 3,5☆107Updated 2 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆65Updated 2 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆53Updated 6 years ago
- Windows kernel drivers simple HTTP library for modern C++☆42Updated 7 years ago
- All Nt Syscall and W32k Syscall in one asm, include, and call it!☆58Updated 3 years ago
- vmp2.x devirtualization☆83Updated 11 months ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆25Updated last year