theo-abel / awesome-anti-virtualizationLinks
A curated list of awesome resources related to anti virtualization techniques
☆55Updated 2 months ago
Alternatives and similar repositories for awesome-anti-virtualization
Users that are interested in awesome-anti-virtualization are comparing it to the libraries listed below
Sorting:
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆96Updated 3 months ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆82Updated last year
- bypassing intel txt's tboot integrity checks via coreboot shim☆81Updated 6 months ago
- ☆89Updated 7 months ago
- An x64dbg plugin which helps make sense of long C++ symbols☆59Updated 2 years ago
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆128Updated last year
- Native Python3 bindings for @horsicq's Detect-It-Easy☆74Updated 4 months ago
- NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (eithe…☆227Updated 2 months ago
- monitors hidden syscalls called from call of duty anticheat☆86Updated 8 months ago
- Generate a PDB file given the old PDB file and an address mapping☆49Updated last month
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆114Updated last year
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆78Updated this week
- Rewrite and obfuscate code in compiled binaries☆235Updated last week
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆164Updated 3 weeks ago
- uefi diskless persistence technique + OVMF secureboot bypass☆92Updated last year
- A high-performance C++ framework for emulating executable binaries☆104Updated this week
- masm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)☆126Updated 2 years ago
- Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine…☆232Updated 3 weeks ago
- Modular and extensible library for Virtual Machine Introspection☆108Updated last month
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated 2 years ago
- The DataExplorer plugin integrates the pattern language from ImHex into x64dbg.☆85Updated 8 months ago
- Simple, fast and lightweight Header-Only C++ Assembler Library☆123Updated last month
- Windows syscall SDK with dynamic offset resolution, validation, obfuscation, and multi language bindings. Bypass API hooks across differe…☆47Updated last week
- Virtual Trust Level (VTL 1) secure call tracing☆73Updated 3 weeks ago
- x86/x64 Ring 0/-2 System Freezer/Debugger☆119Updated 4 months ago
- A list of excellent resources for anyone to deepen their understanding with regards to Windows Kernel Exploitation and general low level …☆159Updated 2 years ago
- A DLL Injection Detector for Windows☆66Updated 3 weeks ago
- ☆153Updated last month
- Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.☆40Updated 2 weeks ago
- A collection of Proof-of-Concept implementations of various anti-disassembly techniques for ARM32 and ARM64 architectures.☆73Updated 5 months ago