theo-abel / awesome-anti-virtualizationLinks
A curated list of awesome resources related to anti virtualization techniques
☆52Updated 2 months ago
Alternatives and similar repositories for awesome-anti-virtualization
Users that are interested in awesome-anti-virtualization are comparing it to the libraries listed below
Sorting:
- bypassing intel txt's tboot integrity checks via coreboot shim☆70Updated 3 months ago
- Windows kernel debugger for Linux hosts running Windows under KVM/QEMU☆85Updated 3 weeks ago
- A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.☆82Updated 10 months ago
- Simple, fast and lightweight x86-64 Assembler Library for C++ / Header-Only☆57Updated last week
- A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support☆57Updated last week
- Modular and extensible library for Virtual Machine Introspection☆105Updated last month
- C++ macro for x64 programs that breaks ida hex-rays decompiler tool.☆118Updated last year
- ☆89Updated 4 months ago
- Windows kernel driver template for cmkr (with testsigning).☆34Updated last year
- Generate a PDB file given the old PDB file and an address mapping☆48Updated 3 months ago
- Remote Thread Detection with a Kernel Driver☆30Updated 5 months ago
- Signature finder (from PE-bear)☆36Updated 2 months ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆125Updated this week
- ☆24Updated 6 months ago
- anti-ransomware file-system filter☆59Updated 9 months ago
- Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.☆20Updated last month
- An x64dbg plugin which helps make sense of long C++ symbols☆59Updated 2 years ago
- Using MMIO (Memory-Mapped I/O) to read TPM 2.0 public Endorsement Key.☆41Updated last year
- Small tool to convert beteween the PE alignments (raw and virtual).☆90Updated 2 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated last year
- Example of building an application verifer DLL☆46Updated last year
- A universal binary patching dll.☆90Updated 8 months ago
- The Windbg extensions to study Hyper-V on Intel and AMD processors.☆153Updated 3 months ago
- Lightweight PDB symbol parser and resolver☆26Updated 7 months ago
- SMM UEFI module and client for UMD privilege escalation☆47Updated 3 weeks ago
- ☆90Updated last year
- The DataExplorer plugin integrates the pattern language from ImHex into x64dbg.☆83Updated 5 months ago
- devirtualization vmprotect☆62Updated 2 years ago
- Plugin interface for remote communications with Binary Ninja database and MCP server for interfacing with LLMs.☆38Updated last month
- Header-only C++ library for producing PE files.☆33Updated 2 years ago