☆34Jan 26, 2024Updated 2 years ago
Alternatives and similar repositories for themdem
Users that are interested in themdem are comparing it to the libraries listed below
Sorting:
- ☆22Oct 18, 2023Updated 2 years ago
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆37Oct 11, 2023Updated 2 years ago
- Devirtualizer for VirtualGuard Protector using AsmResolver☆42May 8, 2023Updated 2 years ago
- Mathematical Operation Simplifier for .NET Applications☆17Nov 20, 2019Updated 6 years ago
- Code Deobfuscator x86_32/64☆52Aug 16, 2022Updated 3 years ago
- Test data for x86 instructions☆13Apr 13, 2021Updated 4 years ago
- x64dbg python3 plugin☆32Jan 4, 2026Updated 2 months ago
- ☆64Feb 23, 2025Updated last year
- Python bindings for the Icicle emulator.☆41Nov 6, 2025Updated 3 months ago
- Port of MBA Solver SiMBA to C/C++ (MBA deobfuscation in real world applications)☆107Nov 5, 2025Updated 3 months ago
- A simple and universal .NET proxy remover☆11Jun 14, 2020Updated 5 years ago
- ☆13Sep 25, 2023Updated 2 years ago
- Themida 3.x unpacking, unwrapping and devirtualization(future)☆199Mar 14, 2023Updated 2 years ago
- ☆25May 27, 2025Updated 9 months ago
- a parser for the .map file included in the aimware leak☆16Feb 19, 2023Updated 3 years ago
- Experiment building lifting-bits dependencies with pure CMake. Migrated to:☆22Oct 8, 2024Updated last year
- Simplifier vmp ultra☆20Dec 9, 2023Updated 2 years ago
- Fix VMProtect 3.xx (tested 3.0.9 to 3.5.0)☆18Feb 1, 2022Updated 4 years ago
- The next generation reverse engineering IDE (work-in-progress).☆105Jun 27, 2024Updated last year
- Analyzing the driver and internal module of EasyAntiCheat.☆40May 1, 2023Updated 2 years ago
- devirtualization vmprotect☆65Mar 11, 2023Updated 2 years ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆72Oct 7, 2022Updated 3 years ago
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆330Jul 29, 2024Updated last year
- LLVM based devirtualization PoC’s.☆21Dec 11, 2021Updated 4 years ago
- A devirtualization engine for Themida.☆107Mar 2, 2024Updated 2 years ago
- Universal x86/x64 VMProtect 2.0-3.X Import fixer☆20Dec 29, 2021Updated 4 years ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆91Jul 28, 2024Updated last year
- Using Zydis and LLVM to lift unsupported instructions to LLVM-IR☆30Jul 30, 2021Updated 4 years ago
- Tracks cross references and allows fast viewing of pseudocode between references☆13Mar 10, 2025Updated 11 months ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆68Feb 7, 2024Updated 2 years ago
- WinLicense key extraction via Intel PIN☆108Apr 9, 2024Updated last year
- reverse engineering of the windows nt kernel debugger protocol & reimplementation.☆36Jul 2, 2024Updated last year
- Converts exported results of CAPA tool from .json format to another formats supporting by different tools.☆22Feb 15, 2022Updated 4 years ago
- A disassembler☆22May 2, 2022Updated 3 years ago
- Deobfuscator for remove proxy calls methods☆27Jan 30, 2023Updated 3 years ago
- Example deobfuscate .NET Reactor 6.3.0.0 strings(ONLY STRINGS)☆21Aug 23, 2020Updated 5 years ago
- LLVM based static binary analysis framework☆303Apr 2, 2025Updated 11 months ago
- ☆72Jul 8, 2021Updated 4 years ago
- Frida scripts to directly MitM all HTTPS traffic from a target mobile application☆10Jan 9, 2024Updated 2 years ago