Nitr0-G / Rework-part-of-z3-provingView external linksLinks
This is the PoC of a dynamic lifter and deobfuscator with collecting trace.
☆36Oct 11, 2023Updated 2 years ago
Alternatives and similar repositories for Rework-part-of-z3-proving
Users that are interested in Rework-part-of-z3-proving are comparing it to the libraries listed below
Sorting:
- Self-hosting binary instrumentation framework for security research☆12Apr 10, 2023Updated 2 years ago
- ☆34Jan 26, 2024Updated 2 years ago
- Output high level Pcode (PcodeAST) in Ghidra☆16Apr 7, 2023Updated 2 years ago
- ☆13Sep 25, 2023Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆28Nov 6, 2023Updated 2 years ago
- ☆37May 9, 2023Updated 2 years ago
- Symbolic Execution based on lifting amd64 to z3☆31Jul 2, 2024Updated last year
- A Binary Ninja plugin to deobfuscate Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆38Jul 28, 2024Updated last year
- Code Deobfuscator x86_32/64☆52Aug 16, 2022Updated 3 years ago
- idenLib (Library Function Identification) plugin for x32dbg☆41Feb 26, 2019Updated 6 years ago
- ☆13Jun 20, 2022Updated 3 years ago
- Deobfuscation of Semi-Linear Mixed Boolean-Arithmetic Expressions☆80Jan 24, 2026Updated 3 weeks ago
- ☆25Aug 7, 2023Updated 2 years ago
- Port of MBA Solver SiMBA to C/C++ (MBA deobfuscation in real world applications)☆106Nov 5, 2025Updated 3 months ago
- Supporting Materials for “Symbolic Triage” blog post☆24Oct 31, 2022Updated 3 years ago
- Process Creation, Image Load and Thread Creation Notification☆13Sep 15, 2023Updated 2 years ago
- A simple pluggable tool to convert an unrolled TritonAST to LLVM-IR, optimize it and get back to TritonAST.☆39Apr 3, 2020Updated 5 years ago
- ☆66Apr 12, 2023Updated 2 years ago
- Simplifier vmp ultra☆19Dec 9, 2023Updated 2 years ago
- ☆17Feb 23, 2023Updated 2 years ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- A devirtualization engine for Themida.☆106Mar 2, 2024Updated last year
- Clone of "Compiler-Agnostic Function Detection in Binaries" source code☆86Oct 29, 2021Updated 4 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆97Aug 27, 2022Updated 3 years ago
- MBA-Blast is a tool for simplification of MBA expressions.☆70Aug 6, 2021Updated 4 years ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆90Jul 28, 2024Updated last year
- LLVM JIT: An Example☆17Jul 7, 2020Updated 5 years ago
- A C++14/17 header-only Windows memory editing library with a focus on type safety and modern C++ style.☆13Jun 3, 2019Updated 6 years ago
- x86 dynamic recompiler library☆58Jan 4, 2026Updated last month
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆67Feb 7, 2024Updated 2 years ago
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆75Aug 16, 2023Updated 2 years ago
- ☆30Dec 26, 2021Updated 4 years ago
- WinLicense key extraction via Intel PIN☆108Apr 9, 2024Updated last year
- devirtualization vmprotect☆65Mar 11, 2023Updated 2 years ago
- Static analysis tool that detects potential ransomware in PE and ELF files through heuristic analysis☆20Jan 16, 2024Updated 2 years ago
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆26Feb 2, 2026Updated 2 weeks ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆72Oct 7, 2022Updated 3 years ago
- IDA Plugin that fills in missing indirect CALL & JMP target information☆141Jan 12, 2025Updated last year
- Windows kernel driver template for cmkr and llvm-msvc.☆35Dec 20, 2023Updated 2 years ago