MaxXor / obfuscator-llvm
Obfuscator as LLVM extension
☆99Updated 3 years ago
Alternatives and similar repositories for obfuscator-llvm:
Users that are interested in obfuscator-llvm are comparing it to the libraries listed below
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- compile-time control flow obfuscation using mba☆182Updated last year
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆136Updated 7 months ago
- Binary rewriter for 64-bit PE files.☆70Updated last year
- An x86-64 code virtualizer for VM based obfuscation☆116Updated 4 months ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆86Updated last year
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆71Updated 5 years ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆110Updated last year
- Integration of Microsoft Warbird with the MSVC compiler☆103Updated last year
- Detours implementation (x64/x86) which used only ntdll import☆90Updated 10 months ago
- LLVM pass that obfuscates against symbolic execution☆75Updated 6 years ago
- Easy-to-use IDA plugin for code emulation☆31Updated 11 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆118Updated last year
- x86-64 virtualizing obfuscator written in Rust☆75Updated last year
- an obfuscator based on LLVM which can obfuscate the program execution trajectory☆104Updated 4 years ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆73Updated 5 months ago
- Abusing exceptions for code execution.☆110Updated 2 years ago
- VM devirtualization PoC based on AsmJit and llvm☆113Updated 3 years ago
- IDA strike-out: A Hex-Rays decompiler plugin to patch the Ctree☆116Updated 8 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆63Updated last year
- A set of LLVM and GCC based plugins that perform code obfuscation.☆123Updated last month
- IDA Plugin that fills in missing indirect CALL & JMP target information☆123Updated 3 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated 2 years ago
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆53Updated 2 years ago
- Non-linear Mixed Boolean-Arithmetic Expressions☆63Updated last year
- Hooking Windows' exception dispatcher to protect process's PML4☆165Updated 2 months ago
- ☆143Updated last year
- Generate a PDB file given the old PDB file and an address mapping☆46Updated last month
- Kernel driver for detecting Intel VT-x hypervisors.☆179Updated last year
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆78Updated 8 months ago