Stars
Reverse engineering tool for virtualization wrappers
UEFI diskless persistence technique + OVMF Secure Boot bypass
Yet another IDA Pro/Home plugin for deobfuscating stack strings
Automated multi-engine framework for unpacking, analyzing, and devirtualizing binaries protected by commercial and custom Virtual Machine based protectors. Combines Dynamic Taint Tracking, Symbolic…
All LLVM binaries scrambled with SigBreaker and used to test against llvm-lit
Code for the AsiaCCS 2021 paper: "Malware makeover: Breaking ML-based static analysis by modifying executable bytes"
TinyAntivirus is an open source antivirus engine designed for detecting polymorphic viruses and disinfecting them.
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.
Simple x86/x86_64 instruction level obfuscator based on a basic SBI engine
This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.
PointerGuard is a proof-of-concept tool used to create 'guarded' pointers which disguise pointer addresses, monitor reads/writes, and prevent access from external processes.
Integration of Microsoft Warbird with the MSVC compiler
Reimplementation of Microsoft's Warbird obfuscator
Library for importing functions from DLLs in a hidden, reverse-engineer-unfriendly way
Library for lifting machine code to LLVM bitcode
RetDec is a retargetable machine-code decompiler based on LLVM.
A PoC application that detects unauthorized external access to select memory regions.
This utility allows you to lock every available memory region of an arbitrary process into its working set.