 |
VMProfiler
v1.8
vmprofiler is a c++ library which is used to statically analyze VMProtect 2 polymorphic virtual machines. This project is inherited in vmprofiler-qt, vmprofiler-cli, and vmemu.
|
|
VMProfiler
v1.8
vmprofiler is a c++ library which is used to statically analyze VMProtect 2 polymorphic virtual machines. This project is inherited in vmprofiler-qt, vmprofiler-cli, and vmemu.
|
#include <vmprofiler.hpp>Namespaces | |
| vm | |
| vm::util | |
| utils used by the other cpp files... misc things that get used a lot... | |
| vm::util::reg | |
| utils pertaining to native registers... | |
Functions | |
| zydis_register_t | vm::util::reg::to64 (zydis_register_t reg) |
| converts say... AL to RAX... More... | |
| bool | vm::util::reg::compare (zydis_register_t a, zydis_register_t b) |
| compares to registers with each other... calls to64 and compares... More... | |
| bool | vm::util::get_fetch_operand (const zydis_routine_t &routine, zydis_instr_t &fetch_instr) |
| get the instruction that fetches an operand out of VIP... More... | |
| std::optional< zydis_routine_t::iterator > | vm::util::get_fetch_operand (zydis_routine_t &routine) |
| gets the instruction that fetches an operand out of VIP and returns an iterator to it... More... | |
| void | vm::util::print (const zydis_decoded_instr_t &instr) |
| prints a single disassembly view of an instruction... More... | |
| void | vm::util::print (zydis_routine_t &routine) |
| prints a disassembly view of a routine... More... | |
| bool | vm::util::is_jmp (const zydis_decoded_instr_t &instr) |
| determines if a given decoded native instruction is a JCC... More... | |
| bool | vm::util::flatten (zydis_routine_t &routine, std::uintptr_t routine_addr, bool keep_jmps=false) |
| flatten native instruction stream, takes every JCC (follows the branch)... More... | |
| void | vm::util::deobfuscate (zydis_routine_t &routine) |
| deadstore deobfuscation of a flattened routine... More... | |
1.9.1