gmh5225 / titan-1Links
Titan is a VMProtect devirtualizer
☆53Updated last year
Alternatives and similar repositories for titan-1
Users that are interested in titan-1 are comparing it to the libraries listed below
Sorting:
- A devirtualization engine for Themida.☆100Updated last year
- VMProtect, VMP, Devirter, 3,5☆107Updated 2 years ago
- VM devirtualization PoC based on AsmJit and llvm☆115Updated 3 years ago
- Forked LLVM focused on MSVC Compatibility. This version is designed for windows users☆106Updated this week
- IDA Pro plugin AntiXorstr☆135Updated 4 months ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- A very simple C++ library for download pdb, get rva of function, global variable and offset from struct.☆144Updated last year
- ☆138Updated 2 years ago
- 🪝 Different aproaches to detecting EPT hooks☆112Updated 3 years ago
- Ghetto user mode emulation of Windows kernel drivers.☆140Updated 8 months ago
- Kernel ReClassEx☆62Updated last year
- 可在非测试模式下符号化读取内核内存。Kernel memory can be read symbolically in non test mode。☆109Updated 2 years ago
- a Windows kernel Pdb parsing and downloading library that running purely in kernel mode without any R3 programs.☆154Updated 9 months ago
- A library to assist with memory & code protection.☆59Updated last year
- A simple ida python script to find .data ptr☆51Updated 2 years ago
- A x86 CPU & Environment emulator for Windows user and kernel binaries.☆121Updated 3 weeks ago
- Kernel-Mode extended version of https://github.com/microsoft/Detours☆169Updated 3 weeks ago
- Shows an example of how to implement VT-d/AMD-Vi on Windows☆118Updated last year
- Simple IDA Pro plugin to download Unity debug symbols from their symbol server☆63Updated last year
- bypass vmp virtual machine detect☆135Updated 2 years ago
- Detects virtual machines and malware analysis environments☆130Updated 2 years ago
- ☆121Updated last year
- Kernel Level NMI Callback Blocker☆99Updated 10 months ago
- PE-Dump-Fixer☆108Updated 5 years ago
- 从MmPfnData中枚举进程和页目录基址☆178Updated last year
- Kernel driver for detecting Intel VT-x hypervisors.☆188Updated last year
- Reverse Engineering a signed kernel driver packed and virtualized with VMProtect 3.6☆103Updated 2 years ago
- ☆78Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆71Updated last year
- A Hyper-V Hacking Framework For Windows 10 x64 (AMD & Intel)☆70Updated last year