KiFilterFiberContext / microsoft-warbird

Related projects ⓘ

Alternatives and complementary repositories for microsoft-warbird

• KiFilterFiberContext / windows-software-policy
  Research on obfuscated licensing APIs / CLIP service in the Windows kernel
  ☆86Updated 2 years ago
• KiFilterFiberContext / warbird-obfuscator
  Integration of Microsoft Warbird with the MSVC compiler
  ☆85Updated last year
• Dump-GUY / IDA_PHNT_TYPES
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆115Updated 3 months ago
• ergrelet / themida-spotter-bn
  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
  ☆73Updated 3 months ago
• charlesnathansmith / whatlicense
  WinLicense key extraction via Intel PIN
  ☆79Updated 7 months ago
• can1357 / IdaThemer
  🎨 Seamlessly convert your favorite Visual Studio Code themes to IDA Pro themes.
  ☆86Updated 7 months ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆61Updated last year
• Azvanzed / CVE-2024-44083
  Makes IDA (most versions) to crash upon opening it.
  ☆64Updated 2 months ago
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆61Updated last year
• ergrelet / triton-bn
  Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.
  ☆58Updated 4 months ago
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆52Updated 9 months ago
• m417z / x64dbg-symbol-tldr
  An x64dbg plugin which helps make sense of long C++ symbols
  ☆59Updated last year
• pinwhell / MSPDBX
  Lightweight PDB symbol parser and resolver
  ☆24Updated 3 weeks ago
• archercreat / vm_jit
  VM devirtualization PoC based on AsmJit and llvm
  ☆104Updated 3 years ago
• connorjaydunn / BinaryShield
  An x86-64 Code Virtualizer
  ☆110Updated last month
• KasperskyLab / hrtng
  IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformati…
  ☆126Updated this week
• sodareverse / TDE
  A devirtualization engine for Themida.
  ☆91Updated 8 months ago
• pgarba / SiMBA-
  Port of MBA Solver SiMBA to C/C++
  ☆76Updated 2 weeks ago
• kweatherman / ida_missinglink
  IDA Plugin that fills in missing indirect CALL & JMP target information
  ☆115Updated last year
• ekknod / smm
  alternative smm driver for ryzen motherboards
  ☆109Updated last month
• ThatLing / limba
  compile-time control flow obfuscation using mba
  ☆175Updated last year
• greyb1t / GreyM
  Me fockin' pe protector
  ☆45Updated 2 years ago
• mazeworks-security / Simplifier
  Efficient general mixed boolean-arithmetic (MBA) simplifier
  ☆76Updated this week
• mike1k / pepp
  C++ library for parsing and manipulating PE files statically and dynamically.
  ☆87Updated last year
• cursey / x64-virtualizer-rs
  x86-64 virtualizing obfuscator written in Rust
  ☆61Updated last year
• mzakocs / VirtualizationObfuscatorAnalysis
  A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators
  ☆65Updated 2 years ago
• ergot86 / hyperv_stuff
  Hyper-V related resources
  ☆31Updated 8 months ago
• nlykkei / llvm-ir-obfuscation
  Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.
  ☆71Updated 5 years ago
• backengineering / bintests
  A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations
  ☆46Updated 3 months ago
• 0x62797465 / lumina-binja-improved
  IDA's Lumina feature, reimplemented for Binary Ninja, with new error handeling!
  ☆36Updated 6 months ago