mandiant / jitmLinks
JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.
☆52Updated 4 years ago
Alternatives and similar repositories for jitm
Users that are interested in jitm are comparing it to the libraries listed below
Sorting:
- CTF writeups☆35Updated 6 months ago
- ☆24Updated last year
- Dump .net assembly from a native loader which uses ClrCreateinstance☆57Updated 2 years ago
- A small virtualizer for .NET which works together with ConfuserEx☆65Updated 5 years ago
- Universal unpacker and fixer for a number of modded ConfuserEx protections☆105Updated 4 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- Yet another CawkVM unpacker...☆77Updated 2 years ago
- A Proof-of-Concept implementation for Proxy Object Obfuscation in .NET☆48Updated 2 years ago
- C++ library for parsing and manipulating PE files statically and dynamically.☆87Updated last year
- ☆103Updated 2 years ago
- fix vmprotect import function used unicorn-engine.☆91Updated 2 years ago
- Devirtualizer for VirtualGuard Protector using AsmResolver☆40Updated 2 years ago
- Simple Controlflow Deobfuscator for .NET Reactor 6.7.0.0☆16Updated 4 years ago
- A simple password-based PE encryptor for Windows 32-bit executables.☆52Updated 4 months ago
- Miscellaneous Code and Docs☆81Updated last year
- Babel-Deobfuscator is an open-source deobfuscator for Babel Obfuscator.☆40Updated 4 years ago
- DarksVM is a modified version of KoiVM, a complex ConfuserEx plugin that made it possible to virtualize methods and other data, increasin…☆33Updated 5 years ago
- A newly programmed tool that will deobfuscate Agile.Net Obfuscation.☆71Updated 3 years ago
- Windows 10 PE image loader (LDR) NTDLL component toolbox☆49Updated 5 years ago
- StringsAnalyzer is a simple, yet powerful plugin for analyzing string literals in .NET assemblies within dnSpy. It provides a comprehensi…☆63Updated 4 months ago
- Simple tool to extract and decompress embedded resources processed by Fody Costura☆69Updated 10 months ago
- Think APIMonitor, but for .NET binaries.☆57Updated 2 years ago
- Parse .NET executable files.☆75Updated last week
- Ghetto user mode emulation of Windows kernel drivers.☆139Updated 7 months ago
- Simple windows API logger☆104Updated 5 years ago
- This x64dbg plugin adds several commands for dumping PE header information by address.☆63Updated 8 years ago
- Deobfuscator for remove proxy calls methods☆25Updated 2 years ago
- View handles and object for each object type☆64Updated 5 years ago
- ☆104Updated 3 years ago
- Devirtualizer for Eazfuscator.NET☆30Updated 7 years ago