dmaivel / covirtLinks
An x86-64 code virtualizer for VM based obfuscation
☆120Updated 5 months ago
Alternatives and similar repositories for covirt
Users that are interested in covirt are comparing it to the libraries listed below
Sorting:
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆116Updated last year
- Obfusk8: C++17-Based Obfuscation Library☆111Updated last week
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆117Updated 2 years ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆142Updated 9 months ago
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆121Updated 2 years ago
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆98Updated 2 months ago
- Hooking Windows' exception dispatcher to protect process's PML4☆174Updated 4 months ago
- an obfuscator based on LLVM which can obfuscate the program execution trajectory☆104Updated 4 years ago
- DSE & PG bypass via BYOVD attack☆51Updated last year
- PoC Anti-Rootkit/Anti-Cheat Driver.☆196Updated last month
- compile-time control flow obfuscation using mba☆185Updated last year
- Load dll with undocumented functions and debug symbols☆47Updated 10 months ago
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆86Updated 7 months ago
- Windows PDB parser for kernel-mode environment.☆97Updated 2 years ago
- Reverse engineering winapi function loadlibrary.☆194Updated 2 years ago
- A x86 environment emulator for Windows user and kernel binaries.☆58Updated this week
- ☆90Updated last year
- Kernel ReClassEx☆62Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆184Updated last year
- Control Flow Flattening Deobfuscator for Obfuscator-LLVM as a plugin for IDA Pro.☆34Updated last month
- A tool for detecting manual/direct syscalls in x86 and x64 processes using Nirvana Hooks.☆111Updated 3 years ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆123Updated 2 weeks ago
- Binary rewriter for 64-bit PE files.☆76Updated last year
- An x86-64 Code Virtualizer☆262Updated 8 months ago
- Detects virtual machines and malware analysis environments☆128Updated 2 years ago
- This repo contains EXPs about Vulnerable Windows Driver☆45Updated last year
- A library to assist with memory & code protection.☆56Updated last year
- Finding Truth in the Shadows☆92Updated 2 years ago
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive…☆47Updated 2 years ago
- spoof return address☆75Updated 2 years ago