mike1k / peppLinks
C++ library for parsing and manipulating PE files statically and dynamically.
☆88Updated 2 years ago
Alternatives and similar repositories for pepp
Users that are interested in pepp are comparing it to the libraries listed below
Sorting:
- A devirtualization engine for Themida.☆101Updated last year
- Ghetto user mode emulation of Windows kernel drivers.☆149Updated last year
- Binary rewriter for 64-bit PE files.☆85Updated last year
- Obfuscate calls to imports by patching in stubs☆71Updated 4 years ago
- based on https://github.com/secrary/Hooking-via-InstrumentationCallback☆71Updated 5 years ago
- PE-Dump-Fixer☆111Updated 5 years ago
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆62Updated last year
- Kernel ReClassEx☆64Updated last year
- A small tool for rapid enumeration of CPUID, and MSR fields.☆26Updated last year
- A basic 100 loc CPU emulator using the existing code of ntoskrnl.exe☆72Updated 2 years ago
- VM devirtualization PoC based on AsmJit and llvm☆112Updated 4 years ago
- x64 syscall caller in C++.☆92Updated 7 years ago
- Handling C++ & __try exceptions without the need of built-in handlers.☆73Updated 4 years ago
- Enable SEH support for manual mapped x86-32bit PEs☆69Updated 6 years ago
- Kernel driver for detecting Intel VT-x hypervisors.☆192Updated 2 years ago
- A portable header only library extending the C++20 STL.☆86Updated last year
- A proof of concept demonstrating instrumentation callbacks on Windows 10 21h1 with a TLS variable to ensure all syscalls are caught.☆142Updated 3 years ago
- Attempts to decrypt JM Xorstr in some x64 binaries☆54Updated 2 years ago
- A x86_64 software emulator☆154Updated 2 months ago
- This project migrated to https://github.com/backengineering/llvm-msvc☆84Updated 2 years ago
- Resolve DOS MZ executable symbols at runtime☆95Updated 3 years ago
- a minimalistic windows hypervisor for amd processors☆126Updated 3 years ago
- Browse Page Tables on Windows (Page Table Viewer)☆216Updated 3 years ago
- x64 Windows implementation of virtual-address to physical-address translation☆43Updated 4 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆96Updated 3 years ago
- Analyze patches in a process☆257Updated 4 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆103Updated 2 years ago
- 🪝 Various EPT hook detection approaches☆129Updated 2 months ago
- reverse engineering of bedaisy.sys (battleyes kernel driver) - Aki2k/BEDaisy☆96Updated 5 years ago
- Vectored Exception Handling Hooking Class☆165Updated 6 years ago