pgarba / UniTaintView external linksLinks
PoC for a taint based attack on VMProtect
☆123Jul 3, 2019Updated 6 years ago
Alternatives and similar repositories for UniTaint
Users that are interested in UniTaint are comparing it to the libraries listed below
Sorting:
- VMProtect analysis script☆56Mar 31, 2020Updated 5 years ago
- This repo contains the tests and results that were done during the research of SATURN☆43Dec 10, 2020Updated 5 years ago
- ☆15Oct 7, 2020Updated 5 years ago
- Multicore x64 kernel with a focus on introspection and debugging capabilities.☆63Jun 27, 2024Updated last year
- VT-based PCI device monitor (SPI)☆158Oct 29, 2020Updated 5 years ago
- VM devirtualization PoC based on AsmJit and llvm☆123Sep 14, 2021Updated 4 years ago
- ☆13Sep 25, 2023Updated 2 years ago
- LLVM based devirtualization PoC’s.☆21Dec 11, 2021Updated 4 years ago
- Deobfuscation of Semi-Linear Mixed Boolean-Arithmetic Expressions☆80Jan 24, 2026Updated 3 weeks ago
- Window Executable file Function tracer using Debugging API☆44Sep 26, 2019Updated 6 years ago
- Exemplary LLVM function pass implementing Control Flow Flattening.☆17May 2, 2018Updated 7 years ago
- Unpacking VMProtected Executable Guide☆125Apr 25, 2020Updated 5 years ago
- Hooking SSDT with Avast Internet Security Hypervisor☆115Apr 6, 2019Updated 6 years ago
- Windows Hypervisor Platform client☆31Jun 13, 2018Updated 7 years ago
- XDV is disassembler or debugger that works based on the extension plugin.☆55Sep 3, 2019Updated 6 years ago
- ☆421Jan 1, 2025Updated last year
- ☆76Sep 30, 2021Updated 4 years ago
- Dynamic Taint Analysis versus Obfuscated Self-Checking☆16Sep 5, 2021Updated 4 years ago
- A simple pluggable tool to convert an unrolled TritonAST to LLVM-IR, optimize it and get back to TritonAST.☆39Apr 3, 2020Updated 5 years ago
- ☆99Oct 6, 2017Updated 8 years ago
- ☆22Mar 23, 2016Updated 9 years ago
- A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]☆103Aug 3, 2023Updated 2 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆27Nov 6, 2023Updated 2 years ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Dec 1, 2018Updated 7 years ago
- MBA-Blast is a tool for simplification of MBA expressions.☆70Aug 6, 2021Updated 4 years ago
- A VMP to VTIL lifter.☆446May 20, 2021Updated 4 years ago
- Lightweight type-1 hypervisor offering a foundation for building advanced security-focused functionality.☆281Jan 13, 2025Updated last year
- hooking KiUserApcDispatcher☆25Apr 3, 2017Updated 8 years ago
- This is the first software system, which can detect a stealthy hypervisor and calculate several nested ones even under countermeasures.☆87Jun 16, 2015Updated 10 years ago
- A project that aims to automatically devirtualize code that has been virtualized using x86virt☆126Dec 3, 2022Updated 3 years ago
- Program synthesis based deobfuscation framework for the USENIX 2017 paper "Syntia: Synthesizing the Semantics of Obfuscated Code"☆315Jun 11, 2020Updated 5 years ago
- Hypervisor-based debugger☆191Dec 2, 2020Updated 5 years ago
- Playing with the Tigress software protection. Break some of its protections and solve their reverse engineering challenges. Automatic deo…☆881Nov 21, 2023Updated 2 years ago
- Intermediate x86 instruction representation for use in obfuscation/deobfuscation.☆60Jul 3, 2025Updated 7 months ago
- A PoC for requesting HWIDs directly from hardware, skipping any potential hooks or OS support.☆89Mar 16, 2021Updated 4 years ago
- Experimental disassembler for x86 binaries virtualized by VMProtect 3☆97Aug 27, 2022Updated 3 years ago
- Noninvasive debugging plugin for X64Dbg☆110Nov 21, 2024Updated last year
- IDA plugin to pinpoint obfuscated code☆144Apr 29, 2022Updated 3 years ago
- VEH Redirect & VEH Debugger☆23May 18, 2020Updated 5 years ago