Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic Execution, Pattern & Semantic Classification, and Machine Learning–driven prioritization to dramatically reduce manual reverse engineering time.
☆350Feb 22, 2026Updated 2 weeks ago
Alternatives and similar repositories for VMDragonSlayer
Users that are interested in VMDragonSlayer are comparing it to the libraries listed below
Sorting:
- Comprehensive Windows Syscall Extraction & Analysis Framework☆161Aug 30, 2025Updated 6 months ago
- binary instrumentation, analysis, and patching framework☆100Feb 20, 2026Updated 2 weeks ago
- Native code virtualizer for x64 binaries☆519Dec 20, 2024Updated last year
- LLVM based static binary analysis framework☆303Apr 2, 2025Updated 11 months ago
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆331Jul 29, 2024Updated last year
- Windows 11 24H2-25H2 Runtime PatchGuard Bypass☆254Nov 4, 2025Updated 4 months ago
- Deobfuscation via optimization with usage of LLVM IR and parsing assembly.☆776Updated this week
- An x86-64 Code Virtualizer☆310Sep 26, 2024Updated last year
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- Titan is a VMProtect devirtualizer☆120Mar 6, 2024Updated 2 years ago
- Blog/Journal on how to backdoor VSCode extensions☆77Feb 24, 2026Updated 2 weeks ago
- WinVisor - A hypervisor-based emulator for Windows x64 user-mode executables using Windows Hypervisor Platform API☆645Jan 23, 2025Updated last year
- An x86-64 code virtualizer for VM based obfuscation☆177Dec 21, 2024Updated last year
- protector & obfuscator & code virtualizer☆686Mar 3, 2026Updated last week
- Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!☆408Apr 19, 2025Updated 10 months ago
- PE (and elf now!) bin2bin obfuscator☆823Oct 11, 2025Updated 4 months ago
- Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine☆279Nov 20, 2022Updated 3 years ago
- Standalone static version of Triton's x86/x64 translator☆32Mar 28, 2025Updated 11 months ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Apr 13, 2025Updated 10 months ago
- HyperDeceit is the ultimate all-in-one library that emulates Hyper-V for Windows, giving you the ability to intercept and manipulate oper…☆379Jun 3, 2023Updated 2 years ago
- Cheat for my own game SecureGame which uses a bootkit to hyperjack Hyper-V in order to access VBS enclave's memory☆113Dec 8, 2024Updated last year
- Rewrite and obfuscate code in compiled binaries☆273Dec 13, 2025Updated 2 months ago
- Efficient general mixed boolean-arithmetic (MBA) simplifier☆124Mar 1, 2026Updated last week
- This repository offers an open-source C++ SDK bindings for IDA, enabling custom plugin development and automation.☆323Updated this week
- an obfuscator based on LLVM which can obfuscate the program execution trajectory☆107Mar 15, 2021Updated 4 years ago
- A collection of vibe reverse engineered binaries and malware (for educational purposes only)☆33Mar 3, 2026Updated last week
- ☆21Jan 8, 2026Updated 2 months ago
- IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformati…☆1,754Mar 3, 2026Updated last week
- unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…☆68Feb 7, 2024Updated 2 years ago
- Hijacking Hyper-V at Runtime with DDMA☆90Aug 13, 2025Updated 6 months ago
- An x64dbg plugin which helps make sense of long C++ symbols☆61May 12, 2023Updated 2 years ago
- x86-64 user mode emulation using Zydis☆73Sep 12, 2025Updated 5 months ago
- This master thesis project continuously collects and analyses Microsoft Windows kernel drivers using static and dynamic methods to help s…☆21Nov 4, 2024Updated last year
- Proof of concept source code and misc files for my CVE-2025-21692 exploit, kernel version 6.6.75☆39Sep 16, 2025Updated 5 months ago
- Obfuscator-llvm Control Flow Flattening Deobfuscator☆249Apr 16, 2025Updated 10 months ago
- IDA Pro plugin AntiXorstr☆154Feb 24, 2025Updated last year
- A Windows Kernel Driver Emulator base on Unicorn, Kernel Memory Dump and some of native environment☆165Jan 15, 2026Updated last month
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 8 months ago
- This is the PoC of a dynamic lifter and deobfuscator with collecting trace.☆37Oct 11, 2023Updated 2 years ago