Alternatives and similar repositories for apphost-extract:

Users that are interested in apphost-extract are comparing it to the libraries listed below

• Washi1337 / ProxyObjects
  A Proof-of-Concept implementation for Proxy Object Obfuscation in .NET
  ☆45Updated 2 years ago
• 1hAck-0 / zeroimport
  ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…
  ☆48Updated last year
• rhotav / JITK
  JITK - JIT Killer is hooker for clrjit
  ☆29Updated 2 years ago
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆56Updated last year
• yubie-re / ida-jm-xorstr-decrypt-plugin
  Attempts to decrypt JM Xorstr in some x64 binaries
  ☆51Updated last year
• 0xInception / UseEveryOpCode
  Utility that tries to generate every single CIL opcode possible in a valid context.
  ☆27Updated 2 years ago
• mike1k / HardwareBreakpoint
  X86/X64 Hardware Breakpoint Manager
  ☆41Updated 3 years ago
• Ahora57 / Unabomber
  Improved VMP Idea(detect anti-anti-debug tools by bug)
  ☆41Updated last year
• backengineering / msrexec
  Elevate arbitrary MSR writes to kernel execution.
  ☆26Updated last year
• samshine / ScyllaHideDetector2
  Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.
  ☆24Updated 5 years ago
• kkent030315 / kernel_callbacks
  Bypasses for Windows kernel callbacks PatchGuard protection
  ☆43Updated 3 years ago
• keowu / birosca
  A Dynamic Study Vmprotect 1.x-1.9X Unpacking Toolkit, Recovery OEP, FIX PE, IAT and bypass protection with custom Loader and interceptor …
  ☆30Updated last year
• 0x410c / ClrDumper
  Dump .net assembly from a native loader which uses ClrCreateinstance
  ☆54Updated 2 years ago
• Shhoya / MutantKiller
  VMP Mutation API Fix
  ☆40Updated 3 years ago
• BeneficialCode / KReClassEx
  Kernel ReClassEx
  ☆65Updated last year
• Oliver-1-1 / EtwKeyboardDetection
  ☆28Updated 4 months ago
• buzzer-re / BulletTrain
  A manual PE mapping implementation, aka reflective loader
  ☆18Updated 2 years ago
• generic-trash / themdem
  ☆32Updated last year
• i32-Sudo / NMICallbackBlocker2
  This is a POC Test project for INTEL CPUs on blocking NMI Entries through the IDT Handler.
  ☆35Updated 4 months ago
• sunwm518 / VMProtect-3-5-DEvirt
  VMProtect, VMP, Devirter, 3,5
  ☆106Updated 2 years ago
• VollRagm / ShellcodeBakery
  A simple tool to assemble shellcode ready to be copy-pasted into code
  ☆67Updated 2 years ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆62Updated last year
• CERT-Polska / dbglib
  ☆23Updated last year
• kkent030315 / anyvtop
  x64 Windows implementation of virtual-address to physical-address translation
  ☆40Updated 3 years ago
• 0mWindyBug / DataptrHooks
  ntoskrnl .data hooks for UM-KM communication
  ☆36Updated 8 months ago
• Kaidoz / ProxyCall-Remover
  Deobfuscator for remove proxy calls methods
  ☆24Updated 2 years ago
• illegal-instruction-co / ThreadIn
  Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.
  ☆30Updated 10 months ago
• Oliver-1-1 / DumpDriver
  ☆43Updated 7 months ago
• sodareverse / TDE
  A devirtualization engine for Themida.
  ☆95Updated 11 months ago
• xu-Wan / HypercallPageHook
  POC Hook of nt!HvcallCodeVa
  ☆49Updated last year