An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
☆855Feb 2, 2024Updated 2 years ago
Alternatives and similar repositories for dumpulator
Users that are interested in dumpulator are comparing it to the libraries listed below
Sorting:
- Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.☆657Jan 28, 2025Updated last year
- Windows kernel and user mode emulation.☆1,860Updated this week
- A Pin Tool for tracing API calls etc☆1,620Feb 8, 2026Updated 3 weeks ago
- [deprecated] Simple x64dbg plugin to save a full memory dump☆50Oct 10, 2022Updated 3 years ago
- A dynamic VMP dumper and import fixer, powered by VTIL.☆1,327Nov 4, 2020Updated 5 years ago
- Time Travel Debugging IDA plugin☆592Jun 27, 2024Updated last year
- Native code virtualizer for x64 binaries☆517Dec 20, 2024Updated last year
- A DTrace on Windows Reimplementation☆369Feb 3, 2026Updated 3 weeks ago
- Titan is a VMProtect devirtualizer☆118Mar 6, 2024Updated last year
- A static devirtualizer for VMProtect x64 3.x. powered by VTIL.☆2,083Aug 8, 2021Updated 4 years ago
- Ghetto user mode emulation of Windows kernel drivers.☆160Oct 20, 2024Updated last year
- State-of-the-art native debugging tools☆3,654Updated this week
- Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.☆1,389Jun 11, 2022Updated 3 years ago
- Dynamic unpacker based on PE-sieve☆796Sep 13, 2025Updated 5 months ago
- Universal x86/x64 VMProtect 2.0-3.X Import fixer☆20Dec 29, 2021Updated 4 years ago
- ☆423Jan 1, 2025Updated last year
- A Trace Explorer for Reverse Engineers☆1,520Oct 23, 2023Updated 2 years ago
- IDA Pro plugin to make bitfield accesses easier to grep☆254Aug 3, 2025Updated 6 months ago
- gooMBA is a Hex-Rays Decompiler plugin to simplify Mixed Boolean-Arithmetic (MBA) expressions☆670Nov 10, 2025Updated 3 months ago
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆766Sep 29, 2025Updated 5 months ago
- ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja…☆2,305Feb 15, 2026Updated 2 weeks ago
- Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard☆268Aug 31, 2022Updated 3 years ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆163Aug 23, 2024Updated last year
- Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software v…☆4,070Dec 2, 2025Updated 3 months ago
- IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformati…☆1,748Updated this week
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,562Oct 31, 2025Updated 4 months ago
- Assortment of hashing algorithms used in malware☆391Feb 8, 2026Updated 3 weeks ago
- A True Instrumentable Binary Emulation Framework☆5,814Nov 5, 2025Updated 3 months ago
- Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com☆400Dec 4, 2024Updated last year
- IDA plugin and loader for UEFI firmware analysis and reverse engineering automation☆1,072Feb 17, 2026Updated last week
- Hook system calls on Windows by using Kaspersky's hypervisor☆1,278Feb 14, 2026Updated 2 weeks ago
- High Octane Triage Analysis☆820Updated this week
- Workshop Material on VM-based Deobfuscation☆200Oct 20, 2021Updated 4 years ago
- Hypervisor based anti anti debug plugin for x64dbg☆1,559Jul 8, 2024Updated last year
- An integration for IDA and VS Code which connects both to easily execute and debug IDAPython scripts.☆962Sep 16, 2025Updated 5 months ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆171Updated this week
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆318Oct 13, 2024Updated last year
- Unicorn PE is an unicorn based instrumentation project designed to emulate code execution for windows PE files.☆915Dec 29, 2025Updated 2 months ago
- A Binary Genetic Traits Lexer Framework☆522Aug 14, 2025Updated 6 months ago