KiFilterFiberContext / VMP3-DisasmLinks
Experimental disassembler for x86 binaries virtualized by VMProtect 3
☆95Updated 2 years ago
Alternatives and similar repositories for VMP3-Disasm
Users that are interested in VMP3-Disasm are comparing it to the libraries listed below
Sorting:
- VMP Mutation API Fix☆41Updated 3 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- VMProtect, VMP, Devirter, 3,5☆107Updated 2 years ago
- fix vmprotect import function used unicorn-engine.☆93Updated 2 years ago
- UnknownField is a tool based clang that obfuscating the order of fields to protect your C/C++ game or code.☆44Updated 2 years ago
- ☆36Updated 3 years ago
- VMProtectTest☆36Updated 2 years ago
- A poc that abuses Enclave☆38Updated 2 years ago
- Kernel ReClassEx☆62Updated last year
- X86/X64 Hardware Breakpoint Manager☆41Updated 4 years ago
- Code virtualizer☆24Updated 9 years ago
- VM devirtualization PoC based on AsmJit and llvm☆114Updated 3 years ago
- ☆22Updated 3 years ago
- Small class to parse debug info from PEs, download their respective PDBs from the Microsoft Public Symbol Server and calculate RVAs of fu…☆44Updated 2 years ago
- A debugger library using VEH.☆61Updated 9 months ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆71Updated last year
- This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.☆54Updated 8 months ago
- ☆53Updated 2 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 2 years ago
- Windows kernel drivers simple HTTP library for modern C++☆42Updated 6 years ago
- This project will give you an example how you can hook a kernel vtable function that cannot be directly called☆82Updated 3 years ago
- ☆69Updated 3 years ago
- Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.☆85Updated last month
- Obfuscate calls to imports by patching in stubs☆69Updated 3 years ago
- ☆46Updated 3 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- Kernel Hook X64☆25Updated 4 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆45Updated 2 years ago
- ☆72Updated 2 years ago
- detect hypervisor with Nmi Callback☆38Updated 2 years ago