Alternatives and similar repositories for sigma-vm:

Users that are interested in sigma-vm are comparing it to the libraries listed below

• SoftwareSecurityLab / UbSym
  A Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes
  ☆43Updated last year
• KelvinMsft / TechMyths
  ☆17Updated 2 years ago
• agra-uni-bremen / BinSym
  Symbolic execution for RISC-V machine code based on the formal LibRISCV ISA model
  ☆46Updated 3 months ago
• therealdreg / symseghelper
  Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode
  ☆19Updated last year
• Gui774ume / etrace
  ETrace is a syscall tracing utility powered by eBPF
  ☆25Updated 2 years ago
• Fare9 / elfparser_e
  Example of an ELF parser to learn about the ELF format
  ☆10Updated 6 months ago
• trailofbits / ManticoreUI-Ghidra
  ManticoreUI support for Ghidra. This is primarily a prototype repository. See the main ManticoreUI repo (https://github.com/trailofbits/M…
  ☆11Updated 2 years ago
• archercreat / llvm_stuff
  LLVM based devirtualization PoC’s.
  ☆20Updated 3 years ago
• ek0 / hxemu
  Triton based symbolic emulator
  ☆16Updated 2 years ago
• lifting-bits / patchestry
  Patchestry is a binary patching framework built with MLIR and Ghidra.
  ☆19Updated this week
• elastic / die-rust
  Native Rust bindings for @horsicq's Detect-It-Easy
  ☆13Updated 2 months ago
• woodruffw / llvm-passgen
  A small tool for quickly generating LLVM passes
  ☆28Updated this week
• hugsy / ida-headless
  IDA (sort of) headless
  ☆24Updated last year
• fengjixuchui / CodaPinTracer
  Lightweight WINAPI tracing with Pin
  ☆26Updated 5 years ago
• tum-i4 / dta-vs-osc
  Dynamic Taint Analysis versus Obfuscated Self-Checking
  ☆16Updated 3 years ago
• gognl / VMBR
  A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data
  ☆28Updated 11 months ago
• djolertrk / kLLDB
  LLDB based debugger for Linux Kernel
  ☆23Updated 2 weeks ago
• evm-sec / high-pcode
  Output high level Pcode (PcodeAST) in Ghidra
  ☆16Updated 2 years ago
• Vector35 / pdb-rs
  A parser for Microsoft PDB (Program Database) debugging information
  ☆27Updated 5 months ago
• Vector35 / idb-parser-rs
  IDA Database Parser for Rust
  ☆25Updated 7 months ago
• libiht / libiht
  Intel Hardware Trace Library - Kernel Space Componment
  ☆65Updated 3 weeks ago
• twevs / HighPCodeViewer
  Ghidra plugin that adds a window showing the high P-code for the current function.
  ☆15Updated 2 years ago
• Zero-Tang / SimpleWhpDemo
  Simple Demo of using Windows Hypervisor Platform
  ☆27Updated 2 months ago
• Peribunt / Wow64-HeavensGate
  Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process
  ☆17Updated 2 years ago
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆34Updated last year
• LLVMParty / llvm-headers
  Easily search LLVM headers for all major versions!
  ☆19Updated 2 months ago
• lifting-bits / vmill
  ☆29Updated 4 years ago
• Nadharm / CoVirt
  A dynamically loadable virtual-machine based rootkit designed for Linux Kernel v5.13.0 using AMD-V (SVM).
  ☆29Updated 2 years ago
• n4r1b / win-drvutils-rs
  Collection of Windows Driver Utils
  ☆11Updated last year
• Air14 / SmmLoader
  Runtime smm module loader
  ☆33Updated 2 years ago