MaxXor / obfuscator-llvm
Obfuscator as LLVM extension
☆98Updated 2 years ago
Alternatives and similar repositories for obfuscator-llvm:
Users that are interested in obfuscator-llvm are comparing it to the libraries listed below
- Abusing exceptions for code execution.☆109Updated 2 years ago
- compile-time control flow obfuscation using mba☆181Updated last year
- Integration of Microsoft Warbird with the MSVC compiler☆95Updated last year
- An x86-64 code virtualizer for VM based obfuscation☆106Updated 2 months ago
- Yet another LLVM-based obfuscator☆111Updated 6 months ago
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆71Updated 5 years ago
- Binary rewriter for 64-bit PE files.☆70Updated last year
- Detours implementation (x64/x86) which used only ntdll import☆90Updated 9 months ago
- LLVM pass that obfuscates against symbolic execution☆75Updated 6 years ago
- Finding Truth in the Shadows☆89Updated 2 years ago
- IDA strike-out: A Hex-Rays decompiler plugin to patch the Ctree☆116Updated 6 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆116Updated last year
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆128Updated 6 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆63Updated last year
- A devirtualization engine for Themida.☆97Updated last year
- Easy-to-use IDA plugin for code emulation☆30Updated 10 months ago
- virtualization obfuscator inspired by juhajong/vm-obfuscator☆57Updated 5 years ago
- Resolve DOS MZ executable symbols at runtime☆96Updated 3 years ago
- IDA Plugin that fills in missing indirect CALL & JMP target information☆123Updated 2 months ago
- VM devirtualization PoC based on AsmJit and llvm☆113Updated 3 years ago
- An x86-64 Code Virtualizer☆243Updated 5 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated last year
- IOCTLpus can be used to make DeviceIoControl requests with arbitrary inputs (with functionality somewhat similar to Burp Repeater).☆88Updated 3 years ago
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆126Updated 3 years ago
- devirtualization vmprotect☆62Updated 2 years ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆70Updated last year
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispacher and each instruction into a ne…☆46Updated 3 years ago
- x86-64 virtualizing obfuscator written in Rust☆74Updated last year