dmaivel / covirtLinks
An x86-64 code virtualizer for VM based obfuscation
☆123Updated 6 months ago
Alternatives and similar repositories for covirt
Users that are interested in covirt are comparing it to the libraries listed below
Sorting:
- Demystifying PatchGuard is a comprehensive analysis of Microsoft's security feature called PatchGuard, which is designed to prevent unaut…☆122Updated 2 years ago
- ☆120Updated last year
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆104Updated 2 months ago
- PoC Anti-Rootkit/Anti-Cheat Driver.☆201Updated last month
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆118Updated last year
- Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries☆257Updated 3 weeks ago
- Hooking Windows' exception dispatcher to protect process's PML4☆178Updated 5 months ago
- An x86-64 Code Virtualizer☆267Updated 8 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆55Updated 8 months ago
- Detects virtual machines and malware analysis environments☆130Updated 2 years ago
- A x86 CPU & Environment emulator for Windows user and kernel binaries.☆104Updated 2 weeks ago
- compile-time control flow obfuscation using mba☆183Updated last year
- Binary rewriter for 64-bit PE files.☆76Updated last year
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆143Updated 10 months ago
- SMM driver/rootkit for platform memory access with R3 <-> R0 <-> R-2 communication.☆88Updated 8 months ago
- Kernel driver for detecting Intel VT-x hypervisors.☆188Updated last year
- Simple, fast and lightweight x86-64 Assembler Library for C++ / Header-Only☆57Updated last week
- DSE & PG bypass via BYOVD attack☆51Updated last year
- Kernel ReClassEx☆62Updated last year
- A devirtualization engine for Themida.☆100Updated last year
- PoC kernel to usermode injection☆86Updated last year
- an obfuscator based on LLVM which can obfuscate the program execution trajectory☆104Updated 4 years ago
- Exploit vulnerabilities in NeacSafe64.sys to achieve privilege escalation and kernel-mode shellcode execution☆10Updated 2 months ago
- A Windows executable (PE) loader (x86 and x64) with full TLS (Thread Local Storage) support (manual mapper)☆30Updated last week
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆118Updated 2 years ago
- 整合Pluto-Obfuscator和goron部分混淆,移植到LLVM-16.0.x,使用NewPassManager☆123Updated last year
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆57Updated last week
- ☆90Updated last year
- Achieve arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling withou…☆206Updated 7 months ago
- Finding Truth in the Shadows☆107Updated 2 years ago