Alternatives and similar repositories for sigma-vm

Users that are interested in sigma-vm are comparing it to the libraries listed below

• therealdreg / symseghelper
  Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode
  ☆19Updated last year
• SoftwareSecurityLab / UbSym
  A Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes
  ☆43Updated 2 years ago
• Fare9 / elfparser_e
  Example of an ELF parser to learn about the ELF format
  ☆10Updated 8 months ago
• Gui774ume / etrace
  ETrace is a syscall tracing utility powered by eBPF
  ☆25Updated 2 years ago
• redplait / denvdis
  NVidia sass disassembler
  ☆19Updated this week
• orca-eaa5a / mac-defender
  ☆11Updated 3 years ago
• KelvinMsft / TechMyths
  ☆17Updated 2 years ago
• suibex / donna
  Debugger and analyzer for ARM ELF executables.
  ☆19Updated 2 years ago
• djolertrk / kLLDB
  LLDB based debugger for Linux Kernel
  ☆25Updated 2 months ago
• elastic / die-rust
  Native Rust bindings for @horsicq's Detect-It-Easy
  ☆15Updated 5 months ago
• agra-uni-bremen / BinSym
  Symbolic execution for RISC-V machine code based on the formal LibRISCV ISA model
  ☆47Updated last month
• b-irb / PigPEI
  PEIM (UEFI) bootkit targeting OVMF (EDK2)
  ☆35Updated last year
• tum-i4 / dta-vs-osc
  Dynamic Taint Analysis versus Obfuscated Self-Checking
  ☆16Updated 3 years ago
• Rantanen / ghidra-minidump-loader
  Windows Minidump loader for Ghidra
  ☆29Updated 2 years ago
• lifting-bits / patchestry
  Patchestry is a binary patching framework built with MLIR and Ghidra.
  ☆20Updated this week
• hugsy / ida-headless
  IDA (sort of) headless
  ☆24Updated last year
• n4r1b / win-drvutils-rs
  Collection of Windows Driver Utils
  ☆11Updated last year
• gognl / VMBR
  A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data
  ☆26Updated last year
• twevs / HighPCodeViewer
  Ghidra plugin that adds a window showing the high P-code for the current function.
  ☆16Updated 2 years ago
• ek0 / hxemu
  Triton based symbolic emulator
  ☆16Updated 2 years ago
• Colton1skees / WinTTD
  Reverse engineered API for Microsoft's Time Travel Debugger
  ☆34Updated last year
• libiht / libiht
  Intel Hardware Trace Library - Kernel Space Componment
  ☆69Updated 2 months ago
• archercreat / llvm_stuff
  LLVM based devirtualization PoC’s.
  ☆20Updated 3 years ago
• kanren3 / efiutil
  Based on nt5src
  ☆15Updated last year
• BenH11235 / rust-re-tour
  A tour of what some Rust language features look like after compilation.
  ☆45Updated 2 years ago
• Zero-Tang / SimpleWhpDemo
  Simple Demo of using Windows Hypervisor Platform
  ☆27Updated 4 months ago
• milankovo / instrlen
  Custom instruction length for hex-rays
  ☆18Updated 5 months ago
• CISPA-SysSec / binary-tsan
  Binary Only Thread Sanitizer
  ☆14Updated 10 months ago
• Peribunt / Wow64-HeavensGate
  Basic utilities for executing, reading and writing 64-bit data in a 32-bit WoW64 process
  ☆17Updated 2 years ago
• fengjixuchui / CodaPinTracer
  Lightweight WINAPI tracing with Pin
  ☆27Updated 5 years ago