KiFilterFiberContext / VMP3-DisasmLinks
Experimental disassembler for x86 binaries virtualized by VMProtect 3
☆96Updated 2 years ago
Alternatives and similar repositories for VMP3-Disasm
Users that are interested in VMP3-Disasm are comparing it to the libraries listed below
Sorting:
- fix vmprotect import function used unicorn-engine.☆96Updated 2 years ago
- VMP Mutation API Fix☆41Updated 3 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 2 years ago
- Code virtualizer☆25Updated 9 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Updated 4 years ago
- VMProtectTest☆36Updated 2 years ago
- A debugger library using VEH.☆62Updated 11 months ago
- Obfuscate calls to imports by patching in stubs☆69Updated 4 years ago
- Global DLL injector☆68Updated 4 years ago
- Using ReadDirectoryChangesW to detect CheatEngine☆50Updated 3 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- ☆22Updated 3 years ago
- Kernel ReClassEx☆63Updated last year
- X86/X64 Hardware Breakpoint Manager☆41Updated 4 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆61Updated last year
- detect hypervisor with Nmi Callback☆39Updated 2 years ago
- VM devirtualization PoC based on AsmJit and llvm☆117Updated 3 years ago
- Custom KiSystemStartup, can be used to modificate kernel before boot.☆52Updated 3 years ago
- ☆74Updated 2 years ago
- ☆46Updated 3 years ago
- mouseclassservicecallback detection via hook☆51Updated 3 years ago
- Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.☆29Updated 3 years ago
- direct systemcalls with a modern c++20 interface.☆43Updated 2 years ago
- A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.).☆74Updated 3 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆71Updated 3 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking☆54Updated 2 years ago
- ☆36Updated 3 years ago
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆53Updated 5 years ago
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆76Updated 3 years ago
- ☆99Updated 7 years ago