KiFilterFiberContext / VMP3-DisasmLinks
Experimental disassembler for x86 binaries virtualized by VMProtect 3
☆95Updated 2 years ago
Alternatives and similar repositories for VMP3-Disasm
Users that are interested in VMP3-Disasm are comparing it to the libraries listed below
Sorting:
- fix vmprotect import function used unicorn-engine.☆91Updated 2 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- A poc that abuses Enclave☆38Updated 2 years ago
- A debugger library using VEH.☆55Updated 9 months ago
- VMProtectTest☆36Updated 2 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆70Updated last year
- X86/X64 Hardware Breakpoint Manager☆41Updated 3 years ago
- ☆36Updated 2 years ago
- VMP Mutation API Fix☆41Updated 3 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆44Updated 2 years ago
- VM devirtualization PoC based on AsmJit and llvm☆114Updated 3 years ago
- Kernel ReClassEx☆62Updated last year
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 2 years ago
- Obfuscate calls to imports by patching in stubs☆68Updated 3 years ago
- ☆46Updated 3 years ago
- ☆70Updated 2 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆44Updated last year
- Code virtualizer☆23Updated 9 years ago
- devirtualization vmprotect☆62Updated 2 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆87Updated last year
- ☆22Updated 3 years ago
- VMProtect, VMP, Devirter, 3,5☆107Updated 2 years ago
- mouseclassservicecallback detection via hook☆50Updated 3 years ago
- Windows kernel drivers simple HTTP library for modern C++☆42Updated 6 years ago
- PAGE_GUARD based hooking library☆46Updated 2 years ago
- detect hypervisor with Nmi Callback☆34Updated 2 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- ☆79Updated 3 years ago
- This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.☆52Updated 7 months ago