TinyDBR is meant for tiny dynamic binary rewriter fox x86 instruction set

Overview

TinyDBR

UE4 Demo

What is TinyDBR?

TinyDBR is meant for tiny dynamic binary rewriter fox x86 instruction set.

This is a port to the TinyInst by Google Project Zero team to fit my own needs.

The original TinyInst works as a debuuger and the target process runs seperately as a debuggee.

While TinyDBR runs inter the target process and translate instructions right there.

How TinyDBR works?

Currently, TinyDBR only support Windows and X64.

Both TinyInst and TinyDBR will protect the target's code to non-executable property, then an attempt to execute the target code will raise an execute exception.

But compared to TinyInst, which catch the exception and translate instructions in debug event loop of the debugger process, TinyDBR registers a VEH handler at the target process, and does all tranlation steps within the VEH handler.

Other parts are almost the same as the original TinyInst.

TODO List:

  1. Refactory the public interface for easy usage.
  2. Remove remote memory backup as we now have only one process.
  3. Support rewrite shellcode without modules.
  4. Support rewrite multiple modules.
  5. Support other platform.
Releases(v1.1.1)
Owner
Asuka
Asuka
rdtsc x86 instruction to detect virtual machines

rdtsc_detector rdtsc x86 instruction to detect virtual machines What is rdtsc? The Time Stamp Counter (TSC) is a 64-bit register present on all x86 pr

null 4 Apr 29, 2022
RISCAL is a 32-bit reduced instruction-set computer (RISC) designed for learning and research purposes. It is named after my dog, Rascal.

RISCAL CPU RISCAL is a 32-bit custom instruction set architecture virtual machine. It is intended to be used for learning/research purposes. In a nuts

null 3 Dec 23, 2021
A port of the Linux x86 IOLI crackme challenges to x86-64

This is a port of the original Linux x86 IOLI crackme binaries to x86-64. The original set of IOLI crackmes can be found here: https://github.com/Maij

Julian Daeumer 4 Mar 19, 2022
This repository is meant to host the core files needed to create a Beacon Object File for use with Cobalt Strike

BOF Template This repository is meant to host the core files needed to create a Beacon Object File for use with Cobalt Strike. A Beacon Object File (B

Cobalt Strike 28 Jun 18, 2022
Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework

About Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution,

Trail of Bits 444 Jun 22, 2022
Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.

hiding-your-syscalls What is this? This repository contains all of the source code from my blog post about avoiding direct syscall detections, which y

null 195 Jun 19, 2022
A fully customisable assembler for your own instruction sets

CASM A fully customisable assembler for your own instruction sets! What Is CASM? ?? Documentation ?? Command-Line Usage ?? How To Install CASM ?? Buil

Sjoerd Vermeulen 2 May 7, 2022
oZKS (Ordered Zero-Knowledge Set) is a library that provides an implementation of an Ordered (and Append Only) Zero-Knowledge Set.

Ordered Zero-Knowledge Set - oZKS Introduction oZKS is a library that provides an implementation of an Ordered (and Append Only) Zero Knowledge Set. A

Microsoft 6 Mar 25, 2022
6D - Pose Annotation Tool (6D-PAT) - is a tool that allows the user to load a set of images and also a set of 3D models and annotate where in the 2D image the 3D object ist placed.

6D - Pose Annotation Tool (6D-PAT) For detiled explanations checkout the WikiPage. What is it? With 6D-PAT you can create 6D annotations on images for

Florian Blume 59 Jun 14, 2022
a small C library for x86 CPU detection and feature extraction

libcpuid libcpuid provides CPU identification for the x86 (and x86_64). For details about the programming API, you might want to take a look at the pr

Veselin Georgiev 329 May 31, 2022
x86 emulator on Raspberry Pi Pico

picox86 x86 emulator on Raspberry Pi Pico https://user-images.githubusercontent.com/10139098/110543817-13299080-812b-11eb-9c88-674cdae919fc.mp4 PCB fr

null 34 Apr 7, 2022
SerenityOS - Graphical Unix-like operating system for x86 computers. 🐞

SerenityOS is a love letter to '90s user interfaces with a custom Unix-like core. It flatters with sincerity by stealing beautiful ideas from various other systems.

SerenityOS 20.2k Jun 27, 2022
Obfuscate calls to imports by patching in stubs. ICO works on both X86 and X64 binaries.

ICO adds a new section into the image, then begins building stubs for each import that uses a extremely basic routine to decrypt an RVA and places them into the section.

null 34 Jun 4, 2022
Programming language that compiles into a x86 ELF executable.

ocean Programming language that compiles into a x86 ELF executable. The main goal at the moment is to create a C compiler, which can atleast compile i

Richard 165 Jun 21, 2022
A D++ Discord Bot template for Visual Studio 2019 (x64 and x86)

D++ Windows Bot Template A D++ Discord Bot template for Visual Studio 2019 (x64 and x86, release and debug). The result of this tutorial. This templat

brainbox.cc 19 Jun 11, 2022
A mini x86-64 assembler for fun

A mini x86-64 assembler for fun

null 187 Jun 21, 2022
An experimental operating system for x86 and ARM

Odyssey - an experimental operating system for x86 and ARM

Anuradha Weeraman 35 Jun 8, 2022
Avocado Bootloader is an Advanced X86 - X86_64 BIOS/UEFI multiprotocol bootloader.

Avocado Bootloader What is avocado? Avocado is a modern, advanced x86/x86_64 BIOS/UEFI multiprotocol bootloader used as the reference implementation f

Weida32 2 Jan 3, 2022