☆34Jan 26, 2024Updated 2 years ago
Alternatives and similar repositories for themdem
Users that are interested in themdem are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆22Oct 18, 2023Updated 2 years ago
- Devirtualizer for VirtualGuard Protector using AsmResolver☆42May 8, 2023Updated 2 years ago
- ☆25May 27, 2025Updated 9 months ago
- Test data for x86 instructions☆13Apr 13, 2021Updated 4 years ago
- Python bindings for the Icicle emulator.☆41Nov 6, 2025Updated 4 months ago
- Mathematical Operation Simplifier for .NET Applications☆17Nov 20, 2019Updated 6 years ago
- Port of MBA Solver SiMBA to C/C++ (MBA deobfuscation in real world applications)☆107Nov 5, 2025Updated 4 months ago
- ☆65Feb 23, 2025Updated last year
- a parser for the .map file included in the aimware leak☆16Feb 19, 2023Updated 3 years ago
- ☆13Sep 25, 2023Updated 2 years ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆37Oct 11, 2023Updated 2 years ago
- x64dbg python3 plugin☆34Mar 6, 2026Updated 2 weeks ago
- The next generation reverse engineering IDE (work-in-progress).☆105Jun 27, 2024Updated last year
- Code Deobfuscator x86_32/64☆52Aug 16, 2022Updated 3 years ago
- devirtualization vmprotect☆65Mar 11, 2023Updated 3 years ago
- Analyzing the driver and internal module of EasyAntiCheat.☆40May 1, 2023Updated 2 years ago
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆36Jul 2, 2024Updated last year
- Simple template for using Remill on Windows/Linux/macos.☆31Jan 7, 2026Updated 2 months ago
- Themida 3.x unpacking, unwrapping and devirtualization(future)☆200Mar 14, 2023Updated 3 years ago
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆337Jul 29, 2024Updated last year
- Deobfuscator for remove proxy calls methods☆27Jan 30, 2023Updated 3 years ago
- Using Zydis and LLVM to lift unsupported instructions to LLVM-IR☆30Jul 30, 2021Updated 4 years ago
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆29Apr 3, 2025Updated 11 months ago
- Think APIMonitor, but for .NET binaries.☆61Feb 22, 2023Updated 3 years ago
- LLVM based devirtualization PoC’s.☆21Dec 11, 2021Updated 4 years ago
- Universal x86/x64 VMProtect 2.0-3.X Import fixer☆22Dec 29, 2021Updated 4 years ago
- ☆14Mar 26, 2018Updated 7 years ago
- LLVM based static binary analysis framework☆304Apr 2, 2025Updated 11 months ago
- WinLicense key extraction via Intel PIN☆108Apr 9, 2024Updated last year
- Binary Ninja MLIL to LLVM IR lifter☆15May 8, 2021Updated 4 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆72Oct 7, 2022Updated 3 years ago
- A devirtualization engine for Themida.☆107Mar 2, 2024Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆30Nov 6, 2023Updated 2 years ago
- ☆12Feb 2, 2025Updated last year
- Minidump loader for Binary Ninja☆15Sep 25, 2025Updated 6 months ago
- Precompiled LLVM packages ready for (de)obfuscation related development.☆22Dec 1, 2025Updated 3 months ago
- Report and exploit of CVE-2024-21305.☆42Jan 14, 2024Updated 2 years ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆93Jul 28, 2024Updated last year