Binary lifter and deobfuscator using remill for x86_64 Windows binaries
☆57Updated this week
Alternatives and similar repositories for omill
Users that are interested in omill are comparing it to the libraries listed below
Sorting:
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆54Dec 30, 2025Updated last month
- Code-Reuse Exploits detection using Intel Processor Trace☆28May 19, 2018Updated 7 years ago
- Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic"☆22Oct 12, 2025Updated 4 months ago
- "Bypassing" HVCI via donor PFN swaps to modify read-only code pages. Call chained kernel functions (kCET and SLAT support), modify read-o…☆87Feb 14, 2026Updated 2 weeks ago
- Compile-time Evaluable SHA3 in C++: Permutation-based Cryptographic Hashing☆13Updated this week
- C++ Assembler with Built-in Mutation Engine☆30Sep 6, 2025Updated 5 months ago
- Control Flow Flattening Deobfuscator for Obfuscator-LLVM as a plugin for IDA Pro.☆90Apr 14, 2025Updated 10 months ago
- ☆31Sep 12, 2024Updated last year
- Simple template for using Remill on Windows/Linux/macos.☆29Jan 7, 2026Updated last month
- Linux Process Injection via Seccomp Notifier☆83Dec 9, 2025Updated 2 months ago
- ☆59Jan 8, 2026Updated last month
- Easy-to-use IDA plugin for code emulation☆54Nov 29, 2025Updated 2 months ago
- A plugin to x64dbg that lets you find out what writes to/accesses particular address☆118Dec 15, 2020Updated 5 years ago
- Simple, fast and lightweight Header-Only C++ Assembler Library☆140Aug 13, 2025Updated 6 months ago
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- Headers for linking your software with ntdll.dll☆15Nov 4, 2020Updated 5 years ago
- POC of sysenter x64 LSTAR MSR hook☆41Jul 20, 2014Updated 11 years ago
- Simple anti-instrumentation with EFLAGS.AC☆17Mar 31, 2025Updated 10 months ago
- A pure C++17 implementation of WPP software tracing☆19Nov 20, 2020Updated 5 years ago
- Compile time assembler with nasm syntax☆97Jul 11, 2022Updated 3 years ago
- Inti easter challenge poc☆18May 4, 2021Updated 4 years ago
- ☆17Dec 3, 2020Updated 5 years ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆26Apr 24, 2022Updated 3 years ago
- By manipulating LSASS memory flags like UseLogonCredential and IsCredGuardEnabled, this repo demonstrates how Credential Guard can be byp…☆14May 25, 2025Updated 9 months ago
- Library for linking multiple PE\PE + files to one☆52Mar 16, 2024Updated last year
- Rewrite and obfuscate code in compiled binaries☆273Dec 13, 2025Updated 2 months ago
- Virtual Trust Level (VTL 1) secure call tracing☆102Feb 12, 2026Updated 2 weeks ago
- a IDA plugin helps you to manage your IDA Comments☆25Sep 30, 2024Updated last year
- ☆61Oct 24, 2025Updated 4 months ago
- Minimalistic HTTP(S) client for the NT kernel☆62Dec 1, 2025Updated 2 months ago
- ☆25May 27, 2025Updated 9 months ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆28Sep 12, 2024Updated last year
- DelphiHelper is a python IDA Pro plugin aiming to help the analysis of x86/x86_64 binaries written in Delphi programming language.☆135Feb 9, 2026Updated 2 weeks ago
- Template for UEFI runtime drivers written in Rust with serial logging and debugging support.☆61Oct 9, 2020Updated 5 years ago
- Patches DSE by swapping both data ptrs located in SeValidateImageHeader && SeValidateImageData☆22Feb 9, 2024Updated 2 years ago
- ☆75Updated this week
- Standalone static version of Triton's x86/x64 translator☆32Mar 28, 2025Updated 10 months ago
- Spoof Windows Test Signing Mode☆29Oct 13, 2018Updated 7 years ago
- Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.☆44Nov 21, 2025Updated 3 months ago