Control-flow-flattening and string deobfuscator
☆160Nov 8, 2021Updated 4 years ago
Alternatives and similar repositories for stadeo
Users that are interested in stadeo are comparing it to the libraries listed below
Sorting:
- MODeflattener deobfuscates control flow flattened functions obfuscated by OLLVM using Miasm.☆203Jul 23, 2021Updated 4 years ago
- Modified python version of Rolf Rolles' https://github.com/RolfRolles/HexRaysDeob to unflatten Emotet'S Control Flow Flattening☆27May 5, 2022Updated 3 years ago
- Workshop Material on VM-based Deobfuscation☆200Oct 20, 2021Updated 4 years ago
- Code deobfuscation framework to simplify Mixed Boolean-Arithmetic (MBA) expressions☆345Feb 2, 2026Updated last month
- ☆76Sep 30, 2021Updated 4 years ago
- Greybox Synthesizer geared for deobfuscation of assembly instructions.☆167Feb 16, 2025Updated last year
- Hex-Rays microcode API plugin for breaking an obfuscating compiler☆794Feb 22, 2021Updated 5 years ago
- abyss - augmentation of Hexrays decompiler output☆347Oct 26, 2022Updated 3 years ago
- ☆72Jul 8, 2021Updated 4 years ago
- Dynamic Taint Analysis versus Obfuscated Self-Checking☆16Sep 5, 2021Updated 4 years ago
- WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware☆48Jun 5, 2022Updated 3 years ago
- Efficient Deobfuscation of Linear Mixed Boolean-Arithmetic Expressions☆181Oct 12, 2023Updated 2 years ago
- An Interactive Hex-Rays Microcode Explorer☆648Feb 8, 2024Updated 2 years ago
- Hex-Rays microcode API plugin for breaking an obfuscating compiler☆84Jun 29, 2019Updated 6 years ago
- Binary Ninja plugin to identify obfuscated code and other interesting code constructs☆650Mar 14, 2025Updated 11 months ago
- Collection of obfuscation, tamper-proofing, and watermarking algorithms targeting LLVM IR.☆76Nov 12, 2019Updated 6 years ago
- Static Binary Instrumentation tool for Windows x64 executables☆206Sep 29, 2025Updated 5 months ago
- An integration for IDA and VS Code which connects both to easily execute and debug IDAPython scripts.☆962Sep 16, 2025Updated 5 months ago
- IFL - Interactive Functions List (plugin for IDA Pro)☆487Updated this week
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆76Jun 8, 2019Updated 6 years ago
- Yet Another Not So Obfuscated LLVM☆388May 30, 2024Updated last year
- An approach to detect opaque predicates by identifying the damage caused by the obfuscation.☆31Apr 10, 2021Updated 4 years ago
- Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories☆1,161Nov 14, 2020Updated 5 years ago
- ☆429May 16, 2021Updated 4 years ago
- Slides and Material for "SymbolicExecutionDemystified" Presentation @ Insomni'Hack 2022☆100Mar 26, 2022Updated 3 years ago
- A copy of my Mathematics and Computer Engineering B.Sc. thesis☆20Dec 8, 2020Updated 5 years ago
- ☆29May 10, 2020Updated 5 years ago
- ☆31Jul 21, 2020Updated 5 years ago
- A high performance LLVM-based dynamic binary instrumentation framework☆286Jun 7, 2024Updated last year
- PoC for a taint based attack on VMProtect☆123Jul 3, 2019Updated 6 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Mar 11, 2021Updated 4 years ago
- Analyze patches in a process☆259Jul 28, 2021Updated 4 years ago
- HexRays ctree visualization plugin☆437Sep 6, 2024Updated last year
- Display Hex-Rays Microcode☆245Nov 13, 2022Updated 3 years ago
- A graphing library for Control Flow Graphs☆105Jun 19, 2025Updated 8 months ago
- [deprecated] Simple x64dbg plugin to save a full memory dump☆50Oct 10, 2022Updated 3 years ago
- A VMP to VTIL lifter.☆445May 20, 2021Updated 4 years ago
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆37Oct 11, 2023Updated 2 years ago
- White-box analytic framework based on LLVM☆39Jun 10, 2019Updated 6 years ago