Stars
Windows kernel research tool. Looks like a debugger, but it is not a debugger. It uses a kernel driver to provide a WinDbg-like live kernel debugging experience from a TUI console.
A tiny educational decompiler that helps people understand how decompilation works.
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
VirtualKD-Redux - A revival and modernization of VirtualKD
Hardening code obfuscation against automated attacks
Coefficient-Based Reconstruction of Arithmetic — a Mixed Boolean-Arithmetic (MBA) expression simplifier for deobfuscation
A reverse-engineering agent for IDA Pro and Binary Ninja
Memory introspection and reverse engineering hypervisor powered by leveraging Hyper-V
A tool to deobfuscate, unminify, and simplify JavaScript code.
micREsoft / Allycs
Forked from NtQuery/Scylla
Imports Reconstructor via indirect syscalls (Scylla rebuilt with SysCaller)
Rust Library Recognition Project for Rust Malware by the MSTIC-MIRAGE Team
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
hvpp is a lightweight Intel x64/VT-x hypervisor written in C++ focused primarily on virtualization of already running operating system
A binary lifter and analysis framework for Ethereum smart contracts
Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic…
Kernel-mode Anti-Anti-Debug plugin, based on Intel VT-x and EPT technology
IDA Domain API - Python interface for IDA Pro reverse engineering platform
Plaguards: Open Source PowerShell Deobfuscation and IOC Detection Engine for Blue Teams. [Presented at Black Hat Asia and USA 2025 Arsenal]