VMProtect-devirtualization
bap
VMProtect-devirtualization | bap | |
---|---|---|
3 | 3 | |
1,049 | 1,986 | |
- | 1.4% | |
0.0 | 4.6 | |
almost 2 years ago | 6 days ago | |
Roff | OCaml | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
VMProtect-devirtualization
- Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM
- VMProtect Devirtualization: An experimental dynamic approach to devirtualize pure functions protected by VMProtect 3.x
- VMProtect-devirtualization: Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM.
bap
-
Any standard algorithms for parsing (disassembling) machine code?
BAP (https://github.com/binaryanalysisplatform/bap), angr (https://angr.io/) and others already do what you're asking for as more purpose-built solutions for dynamic analysis. Angr specifically in python.
- You need to stop idolizing programming languages.
-
Starting ocaml
I find this pretty good https://www.cs.cornell.edu/courses/cs3110/2019sp/textbook/intro/ocaml.html. Fun projects include compilers (pattern matching and static types are why Ocaml is usually selected), binary analysis stuff https://github.com/BinaryAnalysisPlatform/bap, stuff that requires async so you can try out nomadic async stuff, or really anything you desire.
What are some alternatives?
NoVmp - A static devirtualizer for VMProtect x64 3.x. powered by VTIL.
pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
Triton - Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
angr - A powerful and user-friendly binary analysis platform!
vmpfix - Universal x86/x64 VMProtect 2.0-3.X Import fixer
klee - KLEE Symbolic Execution Engine
manticore - Symbolic execution tool
MobileApp-Pentest-Cheatsheet - The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
ocamlformat - Auto-formatter for OCaml code
bolt - Bolt is a language with in-built data-race freedom!
tornado - Tornado is a BitTorrent client written entirely in OCaml.
hardcaml - Hardcaml is an OCaml library for designing hardware.