cbwang505 / unicorn-whpxLinks
跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式提供了另一种CPU指令的模拟方式,在保持原有unicorn导出接口不变的情况下,采用Hyper-v支持带硬件虚拟化支持的Windows Hypervisor Platform API接口扩展了底层CPU模拟环境实现,支持X86指令集二进制程序模拟平台和调试器.
☆77Updated last year
Alternatives and similar repositories for unicorn-whpx
Users that are interested in unicorn-whpx are comparing it to the libraries listed below
Sorting:
- 使用 Intel 虚拟化特性实现应用层HOOK☆63Updated 2 months ago
- 无痕hook探测☆38Updated 3 months ago
- A POC to detect the exist of VMProtect 3 protection by search feature watermark.☆81Updated last year
- 一个仅使用2字节修改实现内核任意函数hook的方法。☆56Updated 6 months ago
- ☆44Updated 2 years ago
- Another LLVM-obfuscator based on LLVM-17. A fork of Arkari☆106Updated last year
- ☆90Updated 4 years ago
- Control Flow Flattening Deobfuscator for Obfuscator-LLVM as a plugin for IDA Pro.☆88Updated 7 months ago
- a code virtualizer based on angr☆32Updated 2 years ago
- Ida pro plugin. The antiVM aims to quickly identify anti-virtual machine and anti-sandbox behavior. This can speed up malware analysis.☆43Updated 3 years ago
- vmp2.x devirtualization☆84Updated last year
- ☆34Updated last year
- LLVM based "VM" obfuscator☆147Updated 4 years ago
- The tool can be used to eliminate redundant instructions in a basic block.☆81Updated 2 years ago
- 鹅城的百姓不需要有青天大老爷,于是黄四郎就出手干掉了很多好县长。☆27Updated 2 years ago
- ida plugin to parse qt meta data☆82Updated 10 months ago
- ollvm de-obfuscator☆61Updated 4 years ago
- ☆36Updated 3 years ago
- 用来辅助分析VB程序的IDA插件☆25Updated 4 years ago
- ☆33Updated 4 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆30Updated 11 months ago
- Kotoamatsukami is an obfuscator based on LLVM-17, utilizing LLVM's new pass to implement plug-in features, for obfuscating multiple langu…☆54Updated 8 months ago
- Injecting into SELinux-protected system service processes under root on Android.☆49Updated last year
- VMProtectTest☆40Updated 2 years ago
- Implementation of a LLVM Compiler Plugin for C++ Obfuscation☆42Updated 2 years ago
- D810-ng (Next Generation) is an updated, tested, refactored, and optimized IDA Pro plugin used to deobfuscate code at decompilation time …☆71Updated last week
- A static devirtualizer for VMProtect x64 3.x. powered by VTIL.☆24Updated 5 months ago
- Win7内核私有符号结构转储☆68Updated 4 years ago
- Kernel mode to user mode so injection☆91Updated 5 years ago
- ☆55Updated 5 years ago