Ryūjin Protector - Is a Intel Arch - BIN2BIN - PE Obfuscation/Protection/DRM tool
☆303Nov 20, 2025Updated 3 months ago
Alternatives and similar repositories for Ryujin
Users that are interested in Ryujin are comparing it to the libraries listed below
Sorting:
- Zyrox: LLVM based, compile-time obfuscator plugin.☆90Feb 21, 2026Updated 2 weeks ago
- [WIP] claude opus x86_64 disassembler/lifter/recompiler☆34Feb 12, 2026Updated 3 weeks ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 2 months ago
- A high-fidelity x86_64 polymorphic mutation engine focused on instruction-level fragmentation and context preservation.☆111Jan 18, 2026Updated last month
- An x86-64 code virtualizer for VM based obfuscation☆177Dec 21, 2024Updated last year
- AppLocker-Based EDR Neutralization☆323Dec 19, 2025Updated 2 months ago
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆334Mar 6, 2025Updated last year
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated last month
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.☆227Sep 19, 2025Updated 5 months ago
- ☆108Aug 21, 2024Updated last year
- KVC enables unsigned driver loading via DSE bypass (g_CiOptions patch, skci.dll hijack, SeCiCallbacks redirection) and PP/PPL manipulatio…☆173Feb 26, 2026Updated last week
- Activation Context Hijack☆170Aug 3, 2025Updated 7 months ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 3 months ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆270Jun 18, 2025Updated 8 months ago
- Translate virtual addresses to physical addresses from usermode.☆108Jun 7, 2024Updated last year
- PE (and elf now!) bin2bin obfuscator☆820Oct 11, 2025Updated 4 months ago
- A Just-In-Time Decrypter for Windows executables (x86 and x64) that performs real-time, instruction-level decryption of encrypted code se…☆50Nov 3, 2025Updated 4 months ago
- nmi stackwalking + module verification☆163Dec 28, 2023Updated 2 years ago
- Generate a PDB file given the old PDB file and an address mapping☆52Aug 3, 2025Updated 7 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆171Sep 3, 2025Updated 6 months ago
- Anti-Rootkit/Anti-Cheat Driver to uncover unbacked or hidden kernel code.☆297Dec 10, 2025Updated 2 months ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1☆77Sep 8, 2025Updated 5 months ago
- Awesome MalDev Links☆39Feb 27, 2026Updated last week
- EvtPsst☆55Oct 24, 2023Updated 2 years ago
- ☆117Dec 11, 2025Updated 2 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆221Jun 4, 2025Updated 9 months ago
- Native code virtualizer for x64 binaries☆517Dec 20, 2024Updated last year
- protector & obfuscator & code virtualizer☆686Updated this week
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- ☆153Jul 31, 2022Updated 3 years ago
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated last month
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆772Sep 29, 2025Updated 5 months ago
- An x86-64 Code Virtualizer☆309Sep 26, 2024Updated last year
- Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine☆278Nov 20, 2022Updated 3 years ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆140Oct 20, 2025Updated 4 months ago
- ida utilities / plugins / scripts☆83Jan 29, 2026Updated last month
- Process injection alternative☆406Sep 6, 2024Updated last year
- ☆18Feb 1, 2026Updated last month