poppopjmp / VMDragonSlayerView external linksLinks
Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic Execution, Pattern & Semantic Classification, and Machine Learning–driven prioritization to dramatically reduce manual reverse engineering time.
☆326Oct 10, 2025Updated 4 months ago
Alternatives and similar repositories for VMDragonSlayer
Users that are interested in VMDragonSlayer are comparing it to the libraries listed below
Sorting:
- binary instrumentation, analysis, and patching framework☆100Feb 2, 2026Updated last week
- Blog/Journal on how to backdoor VSCode extensions☆76Updated this week
- LLVM based static binary analysis framework☆300Apr 2, 2025Updated 10 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆161Aug 30, 2025Updated 5 months ago
- An x86-64 Code Virtualizer☆303Sep 26, 2024Updated last year
- Native code virtualizer for x64 binaries☆514Dec 20, 2024Updated last year
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆324Jul 29, 2024Updated last year
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆764Sep 29, 2025Updated 4 months ago
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆244Nov 4, 2025Updated 3 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 10 months ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆103Dec 8, 2024Updated last year
- Titan is a VMProtect devirtualizer☆117Mar 6, 2024Updated last year
- protector & obfuscator & code virtualizer☆678Feb 8, 2026Updated last week
- Efficient general mixed boolean-arithmetic (MBA) simplifier☆121Updated this week
- Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!☆408Apr 19, 2025Updated 9 months ago
- An x86-64 code virtualizer for VM based obfuscation☆172Dec 21, 2024Updated last year
- ☆21Jan 8, 2026Updated last month
- A Windows Kernel Driver Emulator base on Unicorn, Kernel Memory Dump and some of native environment☆161Jan 15, 2026Updated 3 weeks ago
- This master thesis project continuously collects and analyses Microsoft Windows kernel drivers using static and dynamic methods to help s…☆21Nov 4, 2024Updated last year
- Proof of concept source code and misc files for my CVE-2025-21692 exploit, kernel version 6.6.75☆39Sep 16, 2025Updated 4 months ago
- This repository offers an open-source C++ SDK bindings for IDA, enabling custom plugin development and automation.☆293Dec 24, 2025Updated last month
- single-threaded event driven sleep obfuscation poc for linux☆37Jun 14, 2025Updated 8 months ago
- Find out how to bypass HVCI (or not). My own research on Microsoft Warbird (specifically in clipsp.sys)☆92Oct 26, 2025Updated 3 months ago
- PE (and elf now!) bin2bin obfuscator☆810Oct 11, 2025Updated 4 months ago
- Shellcode encryptor using a substitution cipher with a randomly generated key.☆142Jan 18, 2025Updated last year
- Rewrite and obfuscate code in compiled binaries☆272Dec 13, 2025Updated 2 months ago
- Rust library for lifting raw binary data to LLVM IR☆63Jul 18, 2025Updated 6 months ago
- Using Windows' own bootloader as a shim to bypass Secure Boot☆220Jul 17, 2024Updated last year
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆376Jun 3, 2023Updated 2 years ago
- WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API☆634Jan 23, 2025Updated last year
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Apr 13, 2025Updated 10 months ago
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 2 months ago
- Hijacking Hyper-V at Runtime with DDMA☆76Aug 13, 2025Updated 6 months ago
- an obfuscator based on LLVM which can obfuscate the program execution trajectory☆106Mar 15, 2021Updated 4 years ago
- WinLicense key extraction via Intel PIN☆108Apr 9, 2024Updated last year
- IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformati…☆1,722Feb 6, 2026Updated last week
- Disassembler for Zeus VM custom instruction set☆31Feb 12, 2024Updated 2 years ago
- Port of zentool to Windows☆27Mar 7, 2025Updated 11 months ago
- IDA Pro plugin AntiXorstr☆154Feb 24, 2025Updated 11 months ago