An x64dbg plugin which marks XFG call signatures as data
☆80May 12, 2023Updated 2 years ago
Alternatives and similar repositories for x64dbg-xfg-marker
Users that are interested in x64dbg-xfg-marker are comparing it to the libraries listed below
Sorting:
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Jun 14, 2022Updated 3 years ago
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- GitHub Action to set up the flat assembler compiler☆11Mar 2, 2026Updated last week
- ☆11Jun 24, 2024Updated last year
- ☆24Nov 3, 2022Updated 3 years ago
- c++ implementation of windows heavens gate☆70Feb 12, 2021Updated 5 years ago
- Collection of generic YARA rules☆16Aug 17, 2025Updated 6 months ago
- ☆29Jan 15, 2021Updated 5 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Sep 19, 2022Updated 3 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆98Aug 27, 2022Updated 3 years ago
- The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303…☆145Mar 29, 2021Updated 4 years ago
- A driver that supports communication between a Windows guest and HyperWin☆15Jan 6, 2021Updated 5 years ago
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- Reimplementation of Microsoft's Warbird obuscator☆205Jun 24, 2024Updated last year
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆269Aug 31, 2022Updated 3 years ago
- Debug Print viewer (user and kernel)☆72Feb 7, 2024Updated 2 years ago
- This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.☆87Jun 16, 2015Updated 10 years ago
- fix vmprotect import function used unicorn-engine.☆99Apr 4, 2023Updated 2 years ago
- 让Etwhook再次伟大! Make InfinityHook Great Again!☆147Jun 24, 2021Updated 4 years ago
- Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the …☆356Mar 1, 2026Updated last week
- ☆60Jan 9, 2023Updated 3 years ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆379Jun 3, 2023Updated 2 years ago
- ☆113Oct 10, 2022Updated 3 years ago
- ☆17Feb 29, 2020Updated 6 years ago
- Supports code generation and SDK functionality for VBS enclaves.☆23Feb 25, 2026Updated last week
- 参考taviso的代码逆向一下mpengine.dll☆20Jun 30, 2022Updated 3 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn☆21Jan 1, 2025Updated last year
- ☆86Mar 2, 2025Updated last year
- Debugger Anti-Detection Benchmark☆383Mar 1, 2026Updated last week
- An x64dbg plugin which helps make sense of long C++ symbols☆61May 12, 2023Updated 2 years ago
- Use ntdll/ntoskrnl to implement Kernel32, Advapi32 and other APIs. It includes user-mode and kernel-mode.☆96Aug 26, 2025Updated 6 months ago
- A simple kernel mode driver that hooks some values at the KUSER_SHARED_DATA structure.☆27Jan 7, 2020Updated 6 years ago
- A packed & protected Module Loader and more, for 64-bit Windows☆27Mar 5, 2021Updated 5 years ago
- 🪝 Various EPT hook detection approaches☆143Feb 22, 2026Updated 2 weeks ago
- Fix VMProtect3 IAT☆308Dec 5, 2023Updated 2 years ago
- IDA Pro plugin to make bitfield accesses easier to grep☆254Aug 3, 2025Updated 7 months ago
- A VMP to VTIL lifter.☆445May 20, 2021Updated 4 years ago
- rpv is a v library for analyzing RPC servers and interfaces on the Windows operating system☆38Nov 21, 2025Updated 3 months ago
- Set of plugins and library for dynamic pdb generation and synchronisation☆38May 3, 2024Updated last year