gmh5225 / titan-1Links
Titan is a VMProtect devirtualizer
☆52Updated last year
Alternatives and similar repositories for titan-1
Users that are interested in titan-1 are comparing it to the libraries listed below
Sorting:
- VMProtect, VMP, Devirter, 3,5☆107Updated 2 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- A devirtualization engine for Themida.☆100Updated last year
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆100Updated 2 months ago
- IDA Pro plugin AntiXorstr☆134Updated 3 months ago
- Kernel ReClassEx☆62Updated last year
- VM devirtualization PoC based on AsmJit and llvm☆114Updated 3 years ago
- A very simple C++ library for download pdb, get rva of function, global variable and offset from struct.☆144Updated last year
- A simple ida python script to find .data ptr☆51Updated 2 years ago
- ☆134Updated 2 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆29Updated 5 months ago
- Kernel-Mode extended version of https://github.com/microsoft/Detours☆164Updated last week
- C++ library for parsing and manipulating PE files statically and dynamically.☆88Updated last year
- ☆52Updated 2 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆184Updated last year
- 🪝 Different aproaches to detecting EPT hooks☆109Updated 3 years ago
- InfinityHook 支持Win7 到 Win11 最新版本,虚拟机环境及物理机环境☆72Updated 8 months ago
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆64Updated last year
- Unknowncheats Magically Optimized Tidy Mapper using nvaudio☆125Updated 11 months ago
- VMP 3.X decrypt iat☆33Updated 10 months ago
- A library to assist with memory & code protection.☆56Updated last year
- PoC kernel to usermode injection☆83Updated last year
- Shows an example of how to implement VT-d/AMD-Vi on Windows☆116Updated last year
- Ghetto user mode emulation of Windows kernel drivers.☆139Updated 7 months ago
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 2 years ago
- PE-Dump-Fixer☆105Updated 5 years ago
- VMP Mutation API Fix☆41Updated 3 years ago
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆108Updated 2 years ago
- ☆78Updated last year
- Detects virtual machines and malware analysis environments☆128Updated 2 years ago