KiFilterFiberContext / microsoft-warbirdLinks
Reimplementation of Microsoft's Warbird obuscator
☆143Updated last year
Alternatives and similar repositories for microsoft-warbird
Users that are interested in microsoft-warbird are comparing it to the libraries listed below
Sorting:
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆156Updated last year
- Integration of Microsoft Warbird with the MSVC compiler☆112Updated 2 years ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆83Updated last year
- A C compiler targeting an artistically pleasing nightmare for reverse engineers☆101Updated 9 months ago
- 🎨 Seamlessly convert your favorite Visual Studio Code themes to IDA Pro themes.☆117Updated last year
- Rewrite and obfuscate code in compiled binaries☆256Updated 3 weeks ago
- WinLicense key extraction via Intel PIN☆104Updated last year
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆128Updated last year
- Research on obfuscated licensing APIs / CLIP service in the Windows kernel☆122Updated 3 years ago
- Yet another IDA Pro/Home plugin for deobfuscating stack strings☆79Updated last week
- ☆153Updated 2 months ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆62Updated last year
- compile-time control flow obfuscation using mba☆194Updated 2 years ago
- Inlay hints for hex-rays☆69Updated 5 months ago
- Binary Ninja plugin to analyze and simplify obfuscated code☆166Updated 3 months ago
- Makes IDA (most versions) to crash upon opening it.☆101Updated last year
- A devirtualization engine for Themida.☆101Updated last year
- A x86_64 software emulator☆149Updated last month
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆96Updated 4 months ago
- devirtualization vmprotect☆62Updated 2 years ago
- Simple, fast and lightweight Header-Only C++ Assembler Library☆122Updated last month
- Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.☆40Updated last month
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆255Updated 3 years ago
- Windows 11 24H2 Runtime PatchGuard Bypass☆190Updated 3 weeks ago
- Symbolic Execution based on lifting amd64 to z3☆28Updated last year
- IDA Type Info Libraries for RE☆31Updated 8 months ago
- dynamic binary instrumentation, analysis, and patching framework☆94Updated 2 weeks ago
- monitors hidden syscalls called from call of duty anticheat☆86Updated 8 months ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆81Updated 6 months ago
- Generate a PDB file given the old PDB file and an address mapping☆49Updated 2 months ago