hfiref0x / WubbabooMark
Debugger Anti-Detection Benchmark
☆283Updated 9 months ago
Related projects: ⓘ
- Native code virtualizer for x64 binaries☆355Updated this week
- Demo proof of concept for shadow regions, and implementation of HyperDeceit.☆260Updated last year
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆308Updated last week
- Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks☆315Updated last year
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆251Updated 2 years ago
- Load your driver like win32k.sys☆242Updated 2 years ago
- Bypassing PatchGuard on modern x64 systems☆238Updated last year
- x64 Windows kernel code execution via user-mode, arbitrary syscall, vulnerable IOCTLs demonstration☆214Updated 2 years ago
- Memory hacking library powered by AMD SVM☆290Updated last year
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆353Updated last year
- x86 PE Mutator☆211Updated last year
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆506Updated 3 weeks ago
- VMProtect 2.x-3.x x64 Import Deobfuscator☆246Updated 8 months ago
- IDA Pro plugin to make bitfield accesses easier to grep☆221Updated 5 months ago
- Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine☆238Updated last year
- Browse Page Tables on Windows (Page Table Viewer)☆178Updated 2 years ago
- compile-time control flow obfuscation using mba☆172Updated last year
- ☆212Updated last week
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆202Updated last month
- Kernel driver for detecting Intel VT-x hypervisors.☆167Updated last year
- Emulate Drivers in RING3 with self context mapping or unicorn☆299Updated 2 years ago
- Analyze patches in a process☆241Updated 3 years ago
- protector & obfuscator & code virtualizer☆392Updated 2 weeks ago
- [WIP] A forked version of LLVM that prioritizes MSVC compatibility. This version is tailored for Windows users.☆200Updated this week
- x86-64 code/pe virtualizer☆151Updated last month
- Anti-debugging techniques on a (bad looking) Win32 application.☆232Updated 5 months ago
- State of the art DLL injector that took 20 minutes to make☆195Updated last year
- Loading dbk64.sys and grabbing a handle to it☆148Updated 2 years ago
- Single-header, minimalistic, cross-platform hook library written in pure C☆262Updated last month
- A library to develop kernel level Windows payloads for post HVCI era☆355Updated 3 years ago