generic-trash / themdemLinks
☆32Updated last year
Alternatives and similar repositories for themdem
Users that are interested in themdem are comparing it to the libraries listed below
Sorting:
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆36Updated last year
- Symbolic Execution based on lifting amd64 to z3☆27Updated 11 months ago
- devirtualization vmprotect☆62Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆22Updated last year
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 2 years ago
- ☆25Updated last week
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆50Updated 4 years ago
- ☆22Updated last year
- vdk is a set of utilities used to help with exploitation of a vulnerable driver.☆40Updated 3 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- Binary Ninja plugin for automating VMProtect analysis☆60Updated 2 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆65Updated last year
- Code virtualizer☆23Updated 9 years ago
- VMProtectTest☆36Updated 2 years ago
- VMP Mutation API Fix☆41Updated 3 years ago
- Kernel ReClassEx☆62Updated last year
- Extensions for x64dbg written in Rust: Telescope and Unicorn powered disassembly☆25Updated 2 years ago
- ☆36Updated 2 years ago
- How Meltdown and Spectre haunt Anti-Cheat: DVRT details☆21Updated 9 months ago
- ☆15Updated 2 years ago
- ☆30Updated 3 years ago
- Binary Ninja plugin that can be used to apply Triton's dead store eliminitation pass on basic blocks or functions.☆60Updated 10 months ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆44Updated last year
- Lightweight PDB symbol parser and resolver☆24Updated 7 months ago
- A project on the Unicorn emulator to emulate the code of Pe files in windows☆27Updated 8 months ago
- llvm powered deobfuscation of a vm-based protection☆36Updated last month
- A devirtualization engine for Themida.☆100Updated last year
- ☆36Updated 2 years ago
- ☆13Updated 4 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆37Updated 7 months ago