This is the PoC of a dynamic lifter and deobfuscator with collecting trace.
☆37Oct 11, 2023Updated 2 years ago
Alternatives and similar repositories for Rework-part-of-z3-proving
Users that are interested in Rework-part-of-z3-proving are comparing it to the libraries listed below
Sorting:
- Self-hosting binary instrumentation framework for security research☆12Apr 10, 2023Updated 2 years ago
- Output high level Pcode (PcodeAST) in Ghidra☆16Apr 7, 2023Updated 2 years ago
- ☆13Sep 25, 2023Updated 2 years ago
- Symbolic Execution based on lifting amd64 to z3☆32Jul 2, 2024Updated last year
- ☆34Jan 26, 2024Updated 2 years ago
- idenLib (Library Function Identification) plugin for x32dbg☆41Feb 26, 2019Updated 7 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆75Aug 16, 2023Updated 2 years ago
- ☆13Jun 20, 2022Updated 3 years ago
- Deobfuscation of Semi-Linear Mixed Boolean-Arithmetic Expressions☆81Jan 24, 2026Updated last month
- ☆25Aug 7, 2023Updated 2 years ago
- Port of MBA Solver SiMBA to C/C++ (MBA deobfuscation in real world applications)☆107Nov 5, 2025Updated 4 months ago
- Supporting Materials for “Symbolic Triage” blog post☆24Oct 31, 2022Updated 3 years ago
- Process Creation, Image Load and Thread Creation Notification☆13Sep 15, 2023Updated 2 years ago
- A simple pluggable tool to convert an unrolled TritonAST to LLVM-IR, optimize it and get back to TritonAST.☆39Apr 3, 2020Updated 5 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆28Nov 6, 2023Updated 2 years ago
- IDA Plugin that fills in missing indirect CALL & JMP target information☆144Feb 15, 2026Updated 3 weeks ago
- ☆37May 9, 2023Updated 2 years ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations☆72Aug 2, 2024Updated last year
- Clone of "Compiler-Agnostic Function Detection in Binaries" source code☆86Oct 29, 2021Updated 4 years ago
- MBA-Blast is a tool for simplification of MBA expressions.☆70Aug 6, 2021Updated 4 years ago
- A C++14/17 header-only Windows memory editing library with a focus on type safety and modern C++ style.☆13Jun 3, 2019Updated 6 years ago
- LLVM JIT: An Example☆17Jul 7, 2020Updated 5 years ago
- x86 dynamic recompiler library☆58Jan 4, 2026Updated 2 months ago
- Code Deobfuscator x86_32/64☆52Aug 16, 2022Updated 3 years ago
- A Binary Ninja plugin to deobfuscate Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆39Jul 28, 2024Updated last year
- ☆30Dec 26, 2021Updated 4 years ago
- WinLicense key extraction via Intel PIN☆108Apr 9, 2024Updated last year
- devirtualization vmprotect☆65Mar 11, 2023Updated 2 years ago
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆26Feb 2, 2026Updated last month
- x86-64 user mode emulation using Zydis☆73Sep 12, 2025Updated 5 months ago
- Virtual Machine for x64 and x86 systems☆37Apr 13, 2025Updated 10 months ago
- .lib file for linking against the NT CRT☆19Mar 18, 2022Updated 3 years ago
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated 11 months ago
- Rust CLI tool to generate Visual Studio .sln files from exes+pdbs☆23Jun 20, 2023Updated 2 years ago
- Custom instruction length for hex-rays☆28Jan 17, 2026Updated last month
- A devirtualization engine for Themida.☆107Mar 2, 2024Updated 2 years ago
- SLOT: SMT-LLVM Optimizing Translation☆60Apr 17, 2025Updated 10 months ago
- ☆66Apr 12, 2023Updated 2 years ago