cbwang505 / llvmanalyzerLinks
笔者在一款基于LLVM编译器架构的retdec开源反编译器工具的基础上,融合了klee符号执行工具,通过符号执行(Symbolic Execution)引擎动态模拟反编译后的llvm的ir(中间指令集)运行源程序的方法,插桩所有的对x86指令集的thiscall类型函数对this指针结构体(也就是rcx寄存器,简称this结构)偏移量引用,经行分析汇总后自动识别this结构体的具体内容,并自动集成导入ida工具辅助分析.
☆220Updated 3 years ago
Alternatives and similar repositories for llvmanalyzer
Users that are interested in llvmanalyzer are comparing it to the libraries listed below
Sorting:
- My toy llvm pass☆139Updated 3 years ago
- ScyllaHide for IDA7.5; ScyllaHide IDA7.5; It is a really niccccccce anti-anti-debug tool☆206Updated 4 years ago
- Official Capstone Disassembly Engine API documentation☆126Updated 3 years ago
- ollvm de-obfuscator☆61Updated 4 years ago
- An IDA pro plugin to display user-added comments in disassembly and pseudocode views.☆86Updated 2 years ago
- Rizzo plugin ported to IDA 7.4+☆54Updated 11 months ago
- ☆88Updated 4 years ago
- ☆261Updated last year
- A static devirtualizer for VMProtect x64 3.x. powered by VTIL.☆23Updated 2 months ago
- LLVM based "VM" obfuscator☆147Updated 4 years ago
- deobfuse compiler☆215Updated 4 years ago
- IDA高级技巧 API符号自动识别库 IDASignMaker☆137Updated 4 years ago
- 用于存放IDA的研究资料和文档☆94Updated 4 years ago
- IdaClu is a version agnostic IDA Pro plugin for grouping similar functions. Pick an existing grouping algorithm or create your own.☆171Updated 3 months ago
- An IDA plugin for making pseudocode better.☆349Updated 2 years ago
- obfuscator-llvm 移植到llvm12.x.☆239Updated 2 years ago
- Find crypto constants IDA 7.x plugin☆118Updated 2 years ago
- Toy LLVM obfuscator pass☆75Updated 4 years ago
- ☆32Updated last year
- Official Unicorn CPU emulator framework API documentation☆270Updated 2 years ago
- Deobfuscate OLLVM Bogus Control Flow via angr☆64Updated 3 years ago
- ☆119Updated 7 years ago
- a plugin for ida of version 7.2 to help know F5 window codes better☆54Updated 6 years ago
- a deflat script using unicorn engine☆43Updated 2 years ago
- 一个将 vmnote 指令集重编译成 x64 指令集的脚本,并且可以用 IDA 进行分析。☆14Updated 4 years ago
- D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode.☆57Updated 3 years ago
- FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string,…☆334Updated last year
- Hex-Rays OLLVM Deobfuscator and MicroCode Explorer☆143Updated 4 years ago
- 0x401 Team二进制方向逆向辅助分析工具专题培训☆81Updated 3 years ago
- MODeflattener deobfuscates control flow flattened functions obfuscated by OLLVM using Miasm.☆195Updated 4 years ago