poppopjmp / VMDragonSlayerLinks
Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic Execution, Pattern & Semantic Classification, and Machine Learning–driven prioritization to dramatically reduce manual reverse engineering time.
☆251Updated 2 weeks ago
Alternatives and similar repositories for VMDragonSlayer
Users that are interested in VMDragonSlayer are comparing it to the libraries listed below
Sorting:
- Rewrite and obfuscate code in compiled binaries☆259Updated last week
- Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries☆352Updated 4 months ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆128Updated last year
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆228Updated 2 weeks ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆83Updated 7 months ago
- compile-time control flow obfuscation using mba☆194Updated 2 years ago
- ☆154Updated 2 months ago
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆203Updated last week
- Binary Ninja plugin to analyze and simplify obfuscated code☆216Updated 2 weeks ago
- A collection of Proof-of-Concept implementations of various anti-disassembly techniques for ARM32 and ARM64 architectures.☆73Updated 6 months ago
- An x86-64 Code Virtualizer☆285Updated last year
- RISC-V Virtual Machine☆253Updated 4 months ago
- An x86-64 code virtualizer for VM based obfuscation☆139Updated 10 months ago
- Code proving a 25-year blind spot in all disassemblers. PoC for Intel x64/x86 “ghost instructions.”☆101Updated 3 weeks ago
- dynamic binary instrumentation, analysis, and patching framework☆95Updated last month
- A tool that is used to hunt vulnerabilities in x64 WDM drivers☆403Updated 2 weeks ago
- uefi diskless persistence technique + OVMF secureboot bypass☆94Updated last year
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆156Updated last year
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆306Updated last year
- x86-64 code/pe virtualizer☆200Updated 10 months ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆96Updated 5 months ago
- monitors hidden syscalls called from call of duty anticheat☆85Updated 9 months ago
- ☆90Updated 8 months ago
- A C compiler targeting an artistically pleasing nightmare for reverse engineers☆101Updated 10 months ago
- LLVM based static binary analysis framework☆262Updated 6 months ago
- A comprehensive Hypervisor resources repo☆172Updated 2 weeks ago
- A dynamic unpacking tool☆141Updated 2 years ago
- Virtual Trust Level (VTL 1) secure call tracing☆80Updated last month
- ☆95Updated last year
- A fast Windows emulator + debugger for reverse engineering. Runs any executable in debug mode, disassembles with Zydis, emulates instruct…☆155Updated 3 weeks ago