MaxXor / obfuscator-llvm

Related projects ⓘ

Alternatives and complementary repositories for obfuscator-llvm

• ThatLing / limba
  compile-time control flow obfuscation using mba
  ☆174Updated last year
• jonpalmisc / limoncello
  Yet another LLVM-based obfuscator
  ☆103Updated 2 months ago
• KiFilterFiberContext / warbird-obfuscator
  Integration of Microsoft Warbird with the MSVC compiler
  ☆85Updated last year
• D4stiny / ExceptionOrientedProgramming
  Abusing exceptions for code execution.
  ☆106Updated last year
• mike1k / pepp
  C++ library for parsing and manipulating PE files statically and dynamically.
  ☆83Updated last year
• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• KasperskyLab / hrtng
  IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformati…
  ☆118Updated last week
• xenoscr / manual-syscall-detect
  A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.
  ☆104Updated 2 years ago
• AzzOnFire / emuit
  Easy-to-use IDA plugin for code emulation
  ☆25Updated 6 months ago
• Dump-GUY / IDA_PHNT_TYPES
  Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).
  ☆114Updated 2 months ago
• svv232 / 1nsanity
  LLVM pass that obfuscates against symbolic execution
  ☆73Updated 6 years ago
• nlykkei / llvm-ir-obfuscation
  Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.
  ☆71Updated 4 years ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆93Updated 2 years ago
• paskalian / WID_LoadLibrary
  Reverse engineering winapi function loadlibrary.
  ☆69Updated last year
• rad9800 / VehApiResolve
  ☆98Updated 2 years ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆88Updated 4 months ago
• Azvanzed / CVE-2024-44083
  Makes IDA (most versions) to crash upon opening it.
  ☆62Updated 2 months ago
• mrexodia / AppInitHook
  Global user-mode hooking framework, based on AppInit_DLLs. The goal is to allow you to rapidly develop hooks to inject in an arbitrary pr…
  ☆160Updated 2 years ago
• segnolin / Vobfus
  virtualization obfuscator inspired by juhajong/vm-obfuscator
  ☆56Updated 4 years ago
• Deputation / instrumentation_callbacks
  A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.
  ☆117Updated 2 years ago
• sodareverse / TDE
  A devirtualization engine for Themida.
  ☆91Updated 8 months ago
• zer0condition / ZeroThreadKernel
  Recursive and arbitrary code execution at kernel-level without a system thread creation
  ☆154Updated last year
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆45Updated last year
• jonaslyk / temp
  ☆65Updated last year
• cursey / x64-virtualizer-rs
  x86-64 virtualizing obfuscator written in Rust
  ☆60Updated 11 months ago
• zer0condition / Demystifying-PatchGuard
  Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…
  ☆106Updated last year
• 4l3x777 / dse_pg_bypass
  DSE & PG bypass via BYOVD attack
  ☆37Updated 7 months ago
• Signal-Labs / IOCTLDump
  ☆131Updated last year
• KiFilterFiberContext / warbird-hook
  Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
  ☆236Updated 2 years ago
• m417z / x64dbg-symbol-tldr
  An x64dbg plugin which helps make sense of long C++ symbols
  ☆59Updated last year