ergrelet / themida-spotter-bnLinks
A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
☆83Updated last year
Alternatives and similar repositories for themida-spotter-bn
Users that are interested in themida-spotter-bn are comparing it to the libraries listed below
Sorting:
- devirtualization vmprotect☆62Updated 2 years ago
- Yet another IDA Pro/Home plugin for deobfuscating stack strings☆99Updated 3 weeks ago
- x86-64 user mode emulation using Zydis☆69Updated last month
- Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)☆68Updated last week
- A large collection of 32bit and 64bit PE files useful for verifying the correctness of bin2bin transformations☆58Updated last year
- Lightweight PDB symbol parser and resolver☆26Updated last year
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆62Updated last year
- Rust library for lifting raw binary data to LLVM IR☆59Updated 3 months ago
- WinLicense key extraction via Intel PIN☆106Updated last year
- A x86_64 software emulator☆154Updated 2 months ago
- A Binary Ninja plugin to deobfuscate Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆33Updated last year
- Me fockin' pe protector☆45Updated 2 years ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆128Updated last year
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆23Updated last year
- A devirtualization engine for Themida.☆101Updated last year
- Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.☆41Updated 3 weeks ago
- ☆62Updated 2 years ago
- Generate a PDB file given the old PDB file and an address mapping☆49Updated 2 months ago
- An x64dbg plugin which helps make sense of long C++ symbols☆57Updated 2 years ago
- Efficient general mixed boolean-arithmetic (MBA) simplifier☆106Updated 3 weeks ago
- Reimplementation of Microsoft's Warbird obuscator☆151Updated last year
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆156Updated last year
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆86Updated last week
- All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit☆26Updated 5 months ago
- Code proving a 25-year blind spot in all disassemblers. PoC for Intel x64/x86 “ghost instructions.”☆101Updated 3 weeks ago
- dynamic binary instrumentation, analysis, and patching framework☆96Updated last month
- Native opaque predicate cleaner plugin for Binary Ninja☆44Updated this week
- ☆60Updated 8 months ago
- A C compiler targeting an artistically pleasing nightmare for reverse engineers☆101Updated 10 months ago
- ☆25Updated 2 weeks ago