Alternatives and similar repositories for VMP3-Disasm

Users that are interested in VMP3-Disasm are comparing it to the libraries listed below

• nblog / Vm2Import
  fix vmprotect import function used unicorn-engine.
  ☆98Updated 2 years ago
• Shhoya / MutantKiller
  VMP Mutation API Fix
  ☆44Updated 3 years ago
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆66Updated last year
• SmoLL-iCe / VExDebugger
  A debugger library using VEH.
  ☆66Updated last year
• mike1k / HardwareBreakpoint
  X86/X64 Hardware Breakpoint Manager
  ☆42Updated 4 years ago
• Sinclairq / tp-emulator
  A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe
  ☆75Updated 2 years ago
• helloobaby / Nmi-Callback
  detect hypervisor with Nmi Callback
  ☆41Updated 3 years ago
• POPFD / HypervisorBase
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆51Updated 4 years ago
• omgkaka / vmp_runner
  A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.).
  ☆77Updated 3 years ago
• ExpLife0011 / KeUserModeCallBack
  A Simple Example
  ☆23Updated 7 years ago
• gmh5225 / Detection-CheatEngine
  Using ReadDirectoryChangesW to detect CheatEngine
  ☆50Updated 3 years ago
• bytesundso / SneakCalls
  direct systemcalls with a modern c++20 interface.
  ☆45Updated 3 years ago
• KelvinMsft / NoTruth
  ☆99Updated 8 years ago
• layerfsd / phantasm-x86-virtualizer
  Code virtualizer
  ☆26Updated 9 years ago
• BeneficialCode / KReClassEx
  Kernel ReClassEx
  ☆66Updated 2 years ago
• KANKOSHEV / Detect-MouseClassServiceCallback
  mouseclassservicecallback detection via hook
  ☆52Updated 3 years ago
• mzakocs / VirtualizationObfuscatorAnalysis
  A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators
  ☆70Updated 3 years ago
• crvvdev / intraceptor
  Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
  ☆32Updated 3 years ago
• mrexodia / VMProtectTest
  VMProtectTest
  ☆40Updated 2 years ago
• 1401199262 / NMIStackWalk
  ☆73Updated 3 years ago
• ekknod / KiSystemStartupMeme
  Custom KiSystemStartup, can be used to modificate kernel before boot.
  ☆51Updated 3 years ago
• sunwm518 / VMProtect-3-5-DEvirt
  VMProtect, VMP, Devirter, 3,5
  ☆107Updated 2 years ago
• Anal-Repair / Vmp3_utils
  ☆36Updated 3 years ago
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆40Updated 3 years ago
• archercreat / vdk
  vdk is a set of utilities used to help with exploitation of a vulnerable driver.
  ☆42Updated 3 years ago
• Vicshann / GInjer
  Global DLL injector
  ☆70Updated 4 years ago
• archercreat / vm_jit
  VM devirtualization PoC based on AsmJit and llvm
  ☆121Updated 4 years ago
• mike1k / ImportCallObfuscator
  Obfuscate calls to imports by patching in stubs
  ☆71Updated 4 years ago
• ThomasonZhao / InfinityHookProMax
  InfinityHookProMax: Make InfinityHook great great again
  ☆49Updated 2 years ago
• VMProtectResearch / vmp2-devirtualization
  vmp2.x devirtualization
  ☆89Updated last year