domin568 / Anti-Debug-examples-WindowsLinks
Some examples of anti debug techniques used in malware or commercial products preventing analysts to debug code of app.
☆21Updated 5 years ago
Alternatives and similar repositories for Anti-Debug-examples-Windows
Users that are interested in Anti-Debug-examples-Windows are comparing it to the libraries listed below
Sorting:
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 2 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆62Updated last year
- ☆46Updated 3 years ago
- Tutorial on solving a VM based CrackMe.☆66Updated 5 years ago
- Collaboration platform for reverse engineering tools.☆42Updated 9 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆67Updated 2 years ago
- ☆33Updated last year
- A devirtualization engine for Themida.☆100Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆42Updated 3 years ago
- IDA Plugin that fills in missing indirect CALL & JMP target information☆131Updated 8 months ago
- devirtualization vmprotect☆62Updated 2 years ago
- x64dbg plugin for simple spoofing of CPUID instruction behavior☆95Updated 2 years ago
- VM devirtualization PoC based on AsmJit and llvm☆117Updated 4 years ago
- VMProtectTest☆38Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆25Updated last year
- Ghetto user mode emulation of Windows kernel drivers.☆145Updated 11 months ago
- An automatic tool for fixing dumped PE files☆41Updated 5 years ago
- fix vmprotect import function used unicorn-engine.☆97Updated 2 years ago
- Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.☆64Updated last year
- C++ library for parsing and manipulating PE files statically and dynamically.☆88Updated 2 years ago
- WinLicense key extraction via Intel PIN☆102Updated last year
- ☆92Updated 4 years ago
- IDA-names automatically renames pseudocode windows with the current function name.☆58Updated 2 years ago
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆75Updated 5 years ago
- 🎨 Seamlessly convert your favorite Visual Studio Code themes to IDA Pro themes.☆115Updated last year
- ☆30Updated 3 years ago
- A collection of themes based on pastel colors, created for reverse engineers☆151Updated 5 months ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆96Updated 3 years ago
- A debugger backend for IDA Pro built on top of of Intel’s PIN framework☆34Updated last year
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆35Updated last year