Alternatives and similar repositories for NHook

Users that are interested in NHook are comparing it to the libraries listed below

• 67-6f-64 / AntiOreans-CodeDevirtualizer
  ☆58Updated 2 years ago
• ZehMatt / zyemu
  x86-64 user mode emulation using Zydis
  ☆49Updated 7 months ago
• ergrelet / themida-spotter-bn
  A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer's obfuscated code locations.
  ☆82Updated last year
• snowsnowsnows / ManyTypes
  x64dbg typeparsing plugin with Windows types
  ☆46Updated last week
• mzakocs / VirtualizationObfuscatorAnalysis
  A repository of IDA Databases and Binaries used for the analysis of popular commercial virtual-machine obfuscators
  ☆70Updated 2 years ago
• mmert11 / binaryshield-devirtualizer
  llvm powered deobfuscation of a vm-based protection
  ☆41Updated 3 months ago
• ElvisBlue / x64dbgpython
  x64dbg plugin for running python3 script. Focus on doing malware analyst and unpacking
  ☆57Updated 5 months ago
• sunwm518 / VMProtect-3-5-DEvirt
  VMProtect, VMP, Devirter, 3,5
  ☆108Updated 2 years ago
• w1redch4d / Artfuscator
  A C compiler targeting an artistically pleasing nightmare for reverse engineers
  ☆101Updated 8 months ago
• Yuerino / obfuscator-pass
  A collection of LLVM passes for obfuscating
  ☆36Updated 2 years ago
• archercreat / vm_jit
  VM devirtualization PoC based on AsmJit and llvm
  ☆117Updated 3 years ago
• kweatherman / ida_missinglink
  IDA Plugin that fills in missing indirect CALL & JMP target information
  ☆131Updated 7 months ago
• mibho / x64dbg-vmp-trace
  unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared u…
  ☆61Updated last year
• sodareverse / TDE
  A devirtualization engine for Themida.
  ☆100Updated last year
• samdspeare / othread
  an obfuscator based on LLVM which can obfuscate the program execution trajectory
  ☆105Updated 4 years ago
• binsnake / KUBERA
  A x86_64 software emulator
  ☆142Updated last week
• SamuelTulach / unxorer
  Yet another IDA Pro/Home plugin for deobfuscating stack strings
  ☆57Updated last week
• therealdreg / ida_vmware_windows_gdb
  Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)
  ☆67Updated 2 years ago
• can1357 / go-hde
  Pure Go port of Hacker Disassembler Engine.
  ☆25Updated 5 months ago
• Fatmike-GH / Fatpack
  A Windows executable (PE) packer (x64) with LZMA compression and with full TLS (Thread Local Storage) support
  ☆74Updated last month
• keowu / koidbg
  A debugger for Windows ARM64 (AARCH64), user-friendly for reverse engineers, malware analysts, malware developers, game hacking, operatin…
  ☆65Updated 3 months ago
• sh4m2hwz / devirt_vmp
  devirtualization vmprotect
  ☆62Updated 2 years ago
• can1357 / xstd
  A portable header only library extending the C++20 STL.
  ☆81Updated last year
• herosi / PyClassInformer
  ☆86Updated last month
• mrexodia / driver_unpacking
  Ghetto user mode emulation of Windows kernel drivers.
  ☆145Updated 9 months ago
• charlesnathansmith / whatlicense
  WinLicense key extraction via Intel PIN
  ☆102Updated last year
• KiFilterFiberContext / microsoft-warbird
  Reimplementation of Microsoft's Warbird obuscator
  ☆135Updated last year
• gmh5225 / titan-1
  Titan is a VMProtect devirtualizer
  ☆54Updated last year
• r3bb1t / vmp_analyzer
  ☆37Updated 2 years ago
• greyb1t / GreyM
  Me fockin' pe protector
  ☆45Updated 2 years ago