MaxXor / obfuscator-llvm
Obfuscator as LLVM extension
☆98Updated 2 years ago
Alternatives and similar repositories for obfuscator-llvm:
Users that are interested in obfuscator-llvm are comparing it to the libraries listed below
- Integration of Microsoft Warbird with the MSVC compiler☆95Updated last year
- compile-time control flow obfuscation using mba☆181Updated last year
- An x86-64 code virtualizer for VM based obfuscation☆106Updated 2 months ago
- Binary rewriter for 64-bit PE files.☆70Updated last year
- Abusing exceptions for code execution.☆109Updated 2 years ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆75Updated 7 months ago
- x86-64 virtualizing obfuscator written in Rust☆74Updated last year
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆128Updated 6 months ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆85Updated last year
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆71Updated 5 years ago
- The tool can be used to eliminate redundant instructions in a basic block.☆80Updated last year
- Resolve DOS MZ executable symbols at runtime☆96Updated 3 years ago
- Detours implementation (x64/x86) which used only ntdll import☆90Updated 9 months ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆48Updated last year
- Demonstrate calling a kernel function and handle process creation callback against HVCI☆52Updated 2 years ago
- Finding Truth in the Shadows☆88Updated 2 years ago
- devirtualization vmprotect☆62Updated 2 years ago
- A devirtualization engine for Themida.☆96Updated last year
- VM devirtualization PoC based on AsmJit and llvm☆113Updated 3 years ago
- Obfuscate calls to imports by patching in stubs☆67Updated 3 years ago
- virtualization obfuscator inspired by juhajong/vm-obfuscator☆57Updated 5 years ago
- IDA Plugin that fills in missing indirect CALL & JMP target information☆123Updated 2 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆116Updated last year
- Windows PDB parser for kernel-mode environment.☆95Updated 2 years ago
- ☆106Updated 2 years ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆244Updated 2 years ago
- LLVM pass that obfuscates against symbolic execution☆75Updated 6 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆63Updated last year