poppopjmp / VMDragonSlayerLinks
Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic Execution, Pattern & Semantic Classification, and Machine Learning–driven prioritization to dramatically reduce manual reverse engineering time.
☆216Updated 2 weeks ago
Alternatives and similar repositories for VMDragonSlayer
Users that are interested in VMDragonSlayer are comparing it to the libraries listed below
Sorting:
- Obfusk8: lightweight Obfuscation library based on C++17 / Header Only for windows binaries☆341Updated 3 months ago
- Rewrite and obfuscate code in compiled binaries☆233Updated last week
- bypassing intel txt's tboot integrity checks via coreboot shim☆80Updated 6 months ago
- compile-time control flow obfuscation using mba☆192Updated 2 years ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆127Updated last year
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆227Updated 2 months ago
- Converted phnt (Native API header files from the System Informer project) to IDA TIL, IDC (Hex-Rays).☆153Updated last year
- Windows syscall SDK with dynamic offset resolution, validation, obfuscation, and multi language bindings. Bypass API hooks across differe…☆46Updated last week
- An x86-64 Code Virtualizer☆284Updated 11 months ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆95Updated 3 months ago
- Makes IDA (most versions) to crash upon opening it.☆101Updated last year
- monitors hidden syscalls called from call of duty anticheat☆84Updated 8 months ago
- RISC-V Virtual Machine☆246Updated 3 months ago
- An x86-64 code virtualizer for VM based obfuscation☆133Updated 8 months ago
- uefi diskless persistence technique + OVMF secureboot bypass☆91Updated last year
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆82Updated last year
- Static deobfuscator for Themida, WinLicense and Code Virtualizer 3.x's mutation-based obfuscation.☆297Updated last year
- A collection of Proof-of-Concept implementations of various anti-disassembly techniques for ARM32 and ARM64 architectures.☆73Updated 4 months ago
- dynamic binary instrumentation, analysis, and patching framework☆94Updated 2 weeks ago
- A fast Windows emulator + debugger for reverse engineering. Runs any executable in debug mode, disassembles with Zydis, emulates instruct…☆122Updated this week
- Easy-to-use IDA plugin for code emulation☆40Updated last week
- Obfuscator-llvm Control Flow Flattening Deobfuscator☆186Updated 4 months ago
- A dynamic unpacking tool☆140Updated last year
- ☆153Updated last month
- Binary Ninja plugin to analyze and simplify obfuscated code☆163Updated 2 months ago
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)☆125Updated 2 years ago
- Hooking Windows' exception dispatcher to protect process's PML4☆194Updated 7 months ago
- Windows 11 24H2 Runtime PatchGuard Bypass☆182Updated this week
- x86/x64 Ring 0/-2 System Freezer/Debugger☆119Updated 3 months ago
- Reimplementation of Microsoft's Warbird obuscator☆139Updated last year