Unofficial CMake build for Ghidra's C++ SLEIGH code

libLISA: Instruction Discovery and Analysis on x86-64

🪅 Windows User Space Emulator

🐇 Fuzzing Rust code with American Fuzzy Lop

BinRec: Dynamic Binary Lifting and Recompilation

LLVM based static binary analysis framework

Monitoring and controlling kernel API calls with stealth hook using EPT

Zydis Rust Bindings

Hex-Rays microcode plugin for automated simplification of Windows Kernel decompilation.

Collection of hypervisor detections

Kernel-mode Paravirtualization in Ring 2, LLVM based linker, and some other things!

Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI.

A static devirtualizer for VMProtect x64 3.x. powered by VTIL.

A rewrite of YARA in Rust.

Deobfuscation via optimization with usage of LLVM IR and parsing assembly.

State-of-the-art native debugging tools

Blazing fast and correct x86/x64 disassembler, assembler, decoder, encoder for Rust, .NET, Java, Python, Lua

Efficient general mixed boolean-arithmetic (MBA) simplifier

JSON for Modern C++

A header-only C++ library for accessing files in COFF binary format. (Including Windows PE/PE+ formats)

A C++11 library for reading Microsoft Program DataBase PDB files

Emulate Drivers in RING3 with self context mapping or unicorn

An implementation of Kaleidoscope, the LLVM tutorial model language, written in Rust using Inkwell.

Python bindings for LLVM auto-generated from the LLVM-C API

Open-source symbolic execution framework: https://maat.re

Portable Executable parsing library (from PE-bear)

An experimental dynamic malware unpacker based on Intel Pin and PE-sieve

A linux-based assembly REPL for x86, amd64, armv7, and armv8

Compile Binary Ninja's MLIL to LLVM, for purposes of analysis, patching, and compiling it back to a binary again.