Alternatives and similar repositories for vdk

Users that are interested in vdk are comparing it to the libraries listed below

• POPFD / HypervisorBase
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆51Updated 4 years ago
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆67Updated 2 years ago
• RIscRIpt / wdmcpp
  Visual Studio Project example for using Microsoft's STL in WDM (Windows Kernel-mode Driver)
  ☆25Updated 4 years ago
• mrexodia / VMProtectTest
  VMProtectTest
  ☆40Updated 2 years ago
• kkent030315 / NtSymbol
  Resolve DOS MZ executable symbols at runtime
  ☆96Updated 4 years ago
• mike1k / ImportCallObfuscator
  Obfuscate calls to imports by patching in stubs
  ☆71Updated 4 years ago
• BeneficialCode / KReClassEx
  Kernel ReClassEx
  ☆66Updated 2 years ago
• m-odern / focus-theme-for-ida-pro-7.6
  ☆30Updated 4 years ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆64Updated 2 years ago
• mzakocs / VirtualizationObfuscatorAnalysis
  A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators
  ☆70Updated 3 years ago
• jonomango / chum
  Binary rewriter for 64-bit PE files.
  ☆92Updated last year
• xu-Wan / HypercallPageHook
  POC Hook of nt!HvcallCodeVa
  ☆54Updated 2 years ago
• KiFilterFiberContext / VMP3-Disasm
  Experimental disassembler for x86 binaries virtualized by VMProtect 3
  ☆97Updated 3 years ago
• gmh5225 / FakeEnclave
  A poc that abuses Enclave
  ☆40Updated 3 years ago
• NudistBeaaach / Chained-CFG-obfuscation-pass
  LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispacher and each instruction into a ne…
  ☆49Updated 4 years ago
• LabGuy94 / Diskjacker
  Hijacking Hyper-V at Runtime with DDMA
  ☆72Updated 4 months ago
• stdhu / windows-kernel-pagehook
  windows kernel pagehook
  ☆40Updated 3 years ago
• SamuelTulach / unxorer
  Yet another IDA Pro/Home plugin for deobfuscating stack strings
  ☆114Updated 3 months ago
• Sinclairq / tp-emulator
  A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe
  ☆75Updated 2 years ago
• GetRektBoy724 / KPDB
  Windows PDB parser for kernel-mode environment.
  ☆103Updated 7 months ago
• archercreat / vm_jit
  VM devirtualization PoC based on AsmJit and llvm
  ☆121Updated 4 years ago
• Nitr0-G / Rework-part-of-z3-proving
  This is the PoC of a dynamic lifter and deobfuscator with collecting trace.
  ☆36Updated 2 years ago
• ioncodes / rapid-kdbg-hyperv
  ☆15Updated 2 years ago
• 0ffffffffh / system_call_hook_win10_1903
  This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness
  ☆53Updated 6 years ago
• alfarom256 / drivers_and_shit
  ☆59Updated 3 years ago
• ajkhoury / Errata1337
  ☆68Updated 5 years ago
• crvvdev / intraceptor
  Intraceptor intercept Windows NT API calls and redirect them to a kernel driver to bypass process/threads handle protections.
  ☆32Updated 3 years ago
• kkent030315 / anyvtop
  x64 Windows implementation of virtual-address to physical-address translation
  ☆46Updated 4 years ago
• generic-trash / themdem
  ☆34Updated last year
• cutecatsandvirtualmachines / DDMA
  Disk based DMA for ATA and SCSI
  ☆37Updated 2 years ago