Themida Spotter - A Binary Ninja plugin to detect Themida, WinLicense and Code Virtualizer’s obfuscated code locations.

Can be useful to quickly find mutated and virtualized functions in a binary.

https://github.com/ergrelet/themida-spotter-bn

Version 0.4.0 of resym is out!

Key features include: compilable output for C types (finally!), module browser, web version, from/to cross-reference lists, drag and drop (thanks
@learn_more) and more!

Full changelog here: https://github.com/ergrelet/resym/releases/tag/v0.4.0

Unlicense 0.4.0 is out! This release is long overdue but here it is.

Many bug fixes, including some for Themida/WinLicense 3.1.4.x.

Full changelog and download here: https://github.com/ergrelet/unlicense/releases/tag/0.4.0

Following the recent update of Winbindex, WinDiff now also fetches the latest Windows 11 Insider Preview builds! Enjoy! 😊

Thanks
@m417z
for all the work done on Winbindex!

App: https://windiff.vercel.app
Repo: https://github.com/ergrelet/windiff

WinDiff now automatically extracts syscall numbers and names from 'ntoskrnl.exe', 'win32k.sys', 'ntdll.dll' and 'win32u.dll'. Enjoy!😄

App: https://windiff.vercel.app
Repo: https://github.com/ergrelet/windiff

WinDiff - Browse and compare exports, debug symbols and debug types of PEs between Windows versions.

WinDiff is a streamlined revamp of ntdiff, wired directly to Winbindex to fetch Windows updates and PEs automatically.

App: https://windiff.vercel.app
Repo: https://github.com/ergrelet/windiff

Version 0.3.0 of resym is out!

This release focused mainly on C and C++ type reconstruction improvements, many bugs are gone thanks to great contributions from new contributors!

Full changelog here: https://github.com/ergrelet/resym/releases/tag/v0.3.0