mandiant / jitm
JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.
☆50Updated 4 years ago
Alternatives and similar repositories for jitm:
Users that are interested in jitm are comparing it to the libraries listed below
- CTF writeups☆35Updated 3 months ago
- Dump .net assembly from a native loader which uses ClrCreateinstance☆54Updated 2 years ago
- ☆23Updated last year
- A small virtualizer for .NET which works together with ConfuserEx☆63Updated 5 years ago
- Universal unpacker and fixer for a number of modded ConfuserEx protections☆104Updated 4 years ago
- Resolve DOS MZ executable symbols at runtime☆96Updated 3 years ago
- ☆102Updated 2 years ago
- fix vmprotect import function used unicorn-engine.☆92Updated last year
- A newly programmed tool that will deobfuscate Agile.Net Obfuscation.☆72Updated 3 years ago
- A Proof-of-Concept implementation for Proxy Object Obfuscation in .NET☆45Updated 2 years ago
- This is just a x64dbg script system support.☆46Updated 2 years ago
- VMProtect, VMP, Devirter, 3,5☆106Updated 2 years ago
- DarksVM is a modified version of KoiVM, a complex ConfuserEx plugin that made it possible to virtualize methods and other data, increasin…☆32Updated 5 years ago
- Yet another CawkVM unpacker...☆76Updated last year
- (DEPRECATED) A simple anti-anti debug library for Windows☆29Updated 4 years ago
- Babel-Deobfuscator is an open-source deobfuscator for Babel Obfuscator.☆38Updated 4 years ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆51Updated last month
- VMP Mutation API Fix☆40Updated 3 years ago
- Nasha is a Virtual Machine for .NET files and its runtime was made in C++/CLI☆79Updated 3 years ago
- Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.☆74Updated 14 years ago
- .NET Assemblies Deobfuscator.☆62Updated 2 years ago
- A Dynamic Study Vmprotect 1.x-1.9X Unpacking Toolkit, Recovery OEP, FIX PE, IAT and bypass protection with custom Loader and interceptor …☆30Updated last year
- An automatic tool for fixing dumped PE files☆41Updated 4 years ago
- StringsAnalyzer is a simple, yet powerful plugin for analyzing string literals in .NET assemblies within dnSpy. It provides a comprehensi…☆59Updated last month
- This x64dbg plugin adds several commands for dumping PE header information by address.☆61Updated 7 years ago
- Simple x64dbg plugin to save a full memory dump☆49Updated 2 years ago
- Obfuscate calls to imports by patching in stubs☆67Updated 3 years ago
- 🔎 Analysis of Oreans: Looking inside Themida, WinLicense, and CodeVirtualizer☆34Updated 4 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆56Updated last year
- Deobfuscator for remove proxy calls methods☆24Updated 2 years ago