mike1k / peppLinks
C++ library for parsing and manipulating PE files statically and dynamically.
☆88Updated last year
Alternatives and similar repositories for pepp
Users that are interested in pepp are comparing it to the libraries listed below
Sorting:
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- Obfuscate calls to imports by patching in stubs☆69Updated 3 years ago
- Ghetto user mode emulation of Windows kernel drivers.☆144Updated 9 months ago
- A devirtualization engine for Themida.☆100Updated last year
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆61Updated last year
- Kernel ReClassEx☆63Updated last year
- PE-Dump-Fixer☆109Updated 5 years ago
- A small tool for rapid enumeration of CPUID, and MSR fields.☆27Updated last year
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆137Updated 3 years ago
- Binary rewriter for 64-bit PE files.☆83Updated last year
- Windows PDB parser for kernel-mode environment.☆99Updated last month
- A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators☆70Updated 2 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆71Updated 3 years ago
- VM devirtualization PoC based on AsmJit and llvm☆117Updated 3 years ago
- Enable SEH support for manual mapped x86-32bit PEs☆67Updated 6 years ago
- 🪝 Different approaches for EPT hook detection☆115Updated this week
- A x86_64 software emulator☆135Updated this week
- x64 syscall caller in C++.☆90Updated 7 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- This project migrated to https://github.com/backengineering/llvm-msvc☆83Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆72Updated last year
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆80Updated 4 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆97Updated 2 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆96Updated 2 years ago
- fix vmprotect import function used unicorn-engine.☆96Updated 2 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆189Updated 2 years ago
- ☆98Updated 7 years ago
- Intercepting DeviceControl via WPP☆135Updated 5 years ago
- A debugger library using VEH.☆62Updated 11 months ago
- Attempts to decrypt JM Xorstr in some x64 binaries☆55Updated 2 years ago