Stars
Simple AST for reverse engineering, purely meant as an example.
Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in user-mode.
A Windows Kernel Driver Emulator base on Unicorn, Kernel Memory Dump and some of native environment
Scripting platform, modding framework and VR support for all RE Engine games
A JIT assembler for x86/x64 architectures supporting FPU, MMX, SSE (1-4), AVX (1-2, 512), APX, and AVX10.2
Modular and extensible library for Virtual Machine Introspection
Statistics from our binary transformation framework
Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!
Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion)
Admin to Kernel code execution using the KSecDD driver
A portable header only library extending the C++20 STL.
Deobfuscation via optimization with usage of LLVM IR and parsing assembly.
A small tool for rapid enumeration of CPUID, and MSR fields.
Hex-Rays Decompiler plugin for better code navigation
The Universal C++ RunTime library, supporting kernel-mode C++ exception-handler and STL.
Collection of undocumented Windows API declarations.
unorthodox approach to analyze a trace, but this helped me get comfy with x64 instructions overall (excluding sse/avx/etc lol), cleared up A LOT of misconceptions I had regarding VMP, and helped me…
[WIP] tool to analyze/manipulate a .trace64 file and output the data back into a working .trace64 file or w/e format desired
oopsmishap / HexRaysPyTools
Forked from igogo-x86/HexRaysPyToolsIDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes
Single header version of System Informer's phnt library.