calware / Deobfuscation
Binary Deobfuscation Series
☆20Updated 4 years ago
Related projects: ⓘ
- Symbolic expression simplifier used across VTIL toolchain. Moved into -->☆24Updated 4 years ago
- ☆30Updated 4 years ago
- A common set of helpers used across VTIL toolchain. Moved into -->☆20Updated 4 years ago
- Using Zydis and LLVM to lift unsupported instructions to LLVM-IR☆24Updated 3 years ago
- Reversing library based off sleigh from the Ghidra project. Pcode IR access, disassembly, C++17☆13Updated 2 years ago
- A library to translate native code for multiple architectures into Tiny Code Generator (TCG) based intermediate representation (IR), base…☆44Updated 4 years ago
- Decode machine code into VEX IR and translate into LLVM IR☆25Updated 5 years ago
- VMX intrinsics plugin for Hex-Rays decompiler☆69Updated 4 years ago
- Binary Ninja plugin for automating VMProtect analysis☆55Updated last year
- obfuscation that aims to not stand out☆20Updated 2 years ago
- Intermediate x86 instruction representation for use in obfuscation/deobfuscation.☆53Updated 7 years ago
- ☆39Updated this week
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆71Updated 4 years ago
- transpile llil to c++ for execution and testing☆41Updated 8 months ago
- LLVM based devirtualization PoC’s.☆20Updated 2 years ago
- This repo contains the tests and results that were done during the research of SATURN☆36Updated 3 years ago
- clone of armadillo patched for windows☆45Updated 5 months ago
- Retypd plugin for Ghidra reverse engineering framework from NSA☆22Updated last year
- generate assemblers from disassemblers, 2018 jailbreak security summit talk☆37Updated 4 years ago
- ☆18Updated 2 months ago
- ☆28Updated this week
- unicorn emulator for x64dbg☆30Updated 6 years ago
- ☆24Updated 8 years ago
- Set of plugins and library for dynamic pdb generation and synchronisation☆31Updated 4 months ago
- Alternative API for IDA / Hex-Rays☆72Updated last year
- AMD SVM hypervisor rootkit proof of concept☆39Updated 11 months ago
- An Integrity-Check Monitoring Pintool☆56Updated 3 years ago
- Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.☆56Updated 2 months ago
- Adds a window to Binary Ninja that explains in simple-ish English what an instruction does☆51Updated last year
- Build your emulation environment as needed☆64Updated 3 years ago