Experimental disassembler for x86 binaries virtualized by VMProtect 3
☆98Aug 27, 2022Updated 3 years ago
Alternatives and similar repositories for VMP3-Disasm
Users that are interested in VMP3-Disasm are comparing it to the libraries listed below
Sorting:
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆72Oct 7, 2022Updated 3 years ago
- Easy Anti PatchGuard☆223Apr 9, 2021Updated 4 years ago
- Decoder for VMProtect hwids☆18Aug 1, 2022Updated 3 years ago
- ☆426Jan 1, 2025Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆271Aug 31, 2022Updated 3 years ago
- Universal x86/x64 VMProtect 2.0-3.X Import fixer☆21Dec 29, 2021Updated 4 years ago
- a minimalistic windows hypervisor for amd processors☆146Jun 30, 2022Updated 3 years ago
- VMP Mutation API Fix☆44Feb 17, 2022Updated 4 years ago
- ☆13Sep 25, 2023Updated 2 years ago
- A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.).☆77Feb 9, 2022Updated 4 years ago
- vmp2.x devirtualization☆90Nov 3, 2024Updated last year
- VM devirtualization PoC based on AsmJit and llvm☆123Sep 14, 2021Updated 4 years ago
- devirtualization vmprotect☆65Mar 11, 2023Updated 3 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆75Aug 16, 2023Updated 2 years ago
- Mapping your code on a 0x1000 size page☆71May 20, 2022Updated 3 years ago
- windows kernelmode driver to inject dll into each and every process and perform systemwide function hooking☆53Aug 28, 2022Updated 3 years ago
- Binary Ninja plugin for automating VMProtect analysis☆63Dec 2, 2022Updated 3 years ago
- ☆73Aug 31, 2022Updated 3 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆202Jul 11, 2023Updated 2 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆366Aug 18, 2022Updated 3 years ago
- This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.☆87Jun 16, 2015Updated 10 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆104Aug 3, 2023Updated 2 years ago
- C/C++ Runtime library for system file (Windows Kernel Driver) - Supports Microsoft STL☆192Aug 27, 2022Updated 3 years ago
- ☆26Apr 12, 2022Updated 3 years ago
- 🪝 Various EPT hook detection approaches☆143Feb 22, 2026Updated last month
- Fix VMProtect3 IAT☆308Dec 5, 2023Updated 2 years ago
- x86 PE Mutator☆232Dec 24, 2022Updated 3 years ago
- ☆26Sep 29, 2022Updated 3 years ago
- A simple way to spoof return addresses using an exception handler☆44Aug 3, 2022Updated 3 years ago
- ☆36Jun 20, 2022Updated 3 years ago
- x64 PE-COFF virtualization driven obfuscation engine☆58Oct 14, 2022Updated 3 years ago
- Walks through the 4-level paging structures in Windows x64☆13Feb 12, 2023Updated 3 years ago
- kernel driver used to monitor the activity of BadlionAnticheat.sys by patching its IAT☆32Jul 9, 2021Updated 4 years ago
- Analyze patches in a process☆260Jul 28, 2021Updated 4 years ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆89Mar 16, 2021Updated 5 years ago
- Fix VMProtect Import Protection☆371Aug 12, 2021Updated 4 years ago
- Bypassing EasyAntiCheat.sys self-integrity by abusing call hierarchy☆83Oct 6, 2022Updated 3 years ago
- bypass vmp virtual machine detect☆146Aug 5, 2022Updated 3 years ago
- ☆56Feb 27, 2020Updated 6 years ago