keowu / biroscaLinks
A Dynamic Study Vmprotect 1.x-1.9X Unpacking Toolkit, Recovery OEP, FIX PE, IAT and bypass protection with custom Loader and interceptor vmexit(aka context exchange) from packer stub.
☆33Updated last year
Alternatives and similar repositories for birosca
Users that are interested in birosca are comparing it to the libraries listed below
Sorting:
- Decrypt VMProtect (.NET) obfuscated strings. Made by Cabbo with love.☆25Updated 2 years ago
- Improved VMP Idea(detect anti-anti-debug tools by bug)☆45Updated 2 years ago
- Attempts to decrypt JM Xorstr in some x64 binaries☆55Updated 2 years ago
- A lightweight BattlEye emulator of the launcher☆61Updated 2 years ago
- ☆50Updated 3 years ago
- VMProtect, VMP, Devirter, 3,5☆107Updated 2 years ago
- PE Header (.rdata,.data,.text) obsfucation☆37Updated 3 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆60Updated last year
- Hardware ID☆48Updated 3 years ago
- PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and pre…☆51Updated 3 years ago
- Some usefull info when reverse engineering Kernel Mode Anti-Cheat☆71Updated 2 years ago
- PE-Dump-Fixer☆108Updated 5 years ago
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.☆26Updated 5 years ago
- PoC over some VMP features☆22Updated last year
- This is an EfiGuard BootLoader that can boot EfiGuard from Usermode with no USB or Setup as a Single Executable with automatic File Dumpi…☆54Updated 9 months ago
- just proof of concept. hooking MmCopyMemory PG safe.☆74Updated last year
- ☆54Updated 2 years ago
- Freeze target threads (external - internal ) by avoiding SuspendThread detections. Or access registers from start address.☆32Updated last year
- ☆80Updated 3 years ago
- This tool Decrypt and Extract the files from the EAC☆66Updated 2 years ago
- POC Hook of nt!HvcallCodeVa☆52Updated 2 years ago
- Kernel Injector pasted from various different Github repositories.☆18Updated 5 years ago
- PAGE_GUARD based hooking library☆46Updated 2 years ago
- A plugin for x64dbg that can copy RVA from unknown memory pages☆34Updated 3 years ago
- ☆42Updated 2 years ago
- Known ring3 memory protections that can be handled at a simple level.☆65Updated 2 years ago
- DLL Injector using manual map, written in C++☆45Updated 4 years ago
- Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide☆21Updated last year
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆38Updated 8 months ago
- ☆31Updated 3 years ago