expend20 / DrSymLoggerLinks
☆22Updated 2 years ago
Alternatives and similar repositories for DrSymLogger
Users that are interested in DrSymLogger are comparing it to the libraries listed below
Sorting:
- ☆33Updated last year
- LLVM obfuscation pass, flattening at the basic block's level and turning each basic block into a dispacher and each instruction into a ne…☆47Updated 4 years ago
- llvm powered deobfuscation of a vm-based protection☆43Updated 6 months ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆65Updated 2 years ago
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆36Updated 2 years ago
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆42Updated 3 years ago
- devirtualization vmprotect☆62Updated 2 years ago
- ☆25Updated 4 months ago
- ☆15Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆25Updated last year
- dynamic binary instrumentation, analysis, and patching framework☆95Updated last month
- Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.☆64Updated last year
- Yet another IDA Pro/Home plugin for deobfuscating stack strings☆97Updated 2 weeks ago
- Binary Ninja plugin for automating VMProtect analysis☆63Updated 2 years ago
- Symbolic Execution based on lifting amd64 to z3☆28Updated last year
- ☆30Updated 3 years ago
- Disassembler for Zeus VM custom instruction set☆30Updated last year
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆23Updated last year
- A driver to implement IOCTL hooking☆24Updated 3 years ago
- Extensions for x64dbg written in Rust: Telescope and Unicorn powered disassembly☆26Updated 2 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 3 years ago
- Generate a PDB file given the old PDB file and an address mapping☆49Updated 2 months ago
- ☆37Updated 2 years ago
- Reverse engineered API for Microsoft's Time Travel Debugger☆35Updated last year
- IDA Map File Symbol Renamer☆22Updated 6 months ago
- Windows Minidump loader for Ghidra☆29Updated 3 years ago
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆17Updated 3 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Updated 4 years ago
- ☆12Updated 8 months ago
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆23Updated 3 years ago