omgkaka / vmp_runner
A general solution to simulate execution of virtualized instructions (vmprotect/themida, etc.).
☆70Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for vmp_runner
- fix vmprotect import function used unicorn-engine.☆92Updated last year
- VMProtectTest☆37Updated last year
- a simple intel vt code both support x86 & x64. PatchGuard monitor.☆75Updated 3 years ago
- vmp2.x devirtualization☆62Updated 2 weeks ago
- ☆93Updated 7 years ago
- VMP Mutation API Fix☆39Updated 2 years ago
- ☆36Updated 2 years ago
- VMProtect analysis script☆55Updated 4 years ago
- intel vt-x hypervisor ept☆25Updated 4 years ago
- Intel Virtualization Technology demo☆65Updated 8 years ago
- A dynamic VMP dumper and import fixer, powered by VTIL.☆41Updated 4 years ago
- A static devirtualizer for VMProtect x64 3.x. powered by VTIL.☆21Updated 2 years ago
- ☆45Updated 6 years ago
- ☆80Updated 2 years ago
- Example of hijacking system calls via function pointer tables☆31Updated 3 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆92Updated 2 years ago
- ☆93Updated 2 years ago
- ☆22Updated 2 years ago
- Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)☆62Updated last year
- This is the P.O.C source for hooking the system calls on Windows 10 (1903) using it's dynamic trace feature weakness☆51Updated 5 years ago
- 使用vt进行无痕hook,支持r3☆50Updated 5 years ago
- Another method to anti ThreadHideFromDebugger☆34Updated 5 years ago
- ☆36Updated last year
- VMProtect OD Plugin☆91Updated 8 years ago
- ☆19Updated 5 years ago
- first commit☆57Updated 4 years ago
- Win7内核私有符号结构转储☆64Updated 3 years ago
- VM devirtualization PoC based on AsmJit and llvm☆104Updated 3 years ago
- windows kernel pagehook☆38Updated 2 years ago