Twinner Project

Twinner is a deobfuscation framework. It inspects executable binaries, instruments them using the PIN Intel framework for binary instrumentation, analyzes executed assembly instructions through a concolic execution, models the behavior of the program as a set of symbolic expressions and constraints, and recodes it as twincode, a compilable C program with simplified logic.

The framework allows automatic deobfuscation of the virtualization obfuscated binaries on 64bit Linux and 32bit Windows. Twinner is developed by Behnam Momeni and its source code is released under GPLv3. It is available on GitHub. Twinner is a work in progress, so if you are not familiar with the context, you should wait for the v1.0.0 release. Otherwise, have happy hacking :) There is no regular release schedule and every version is released when it is ready.


2018 December
2018 May
2018 January
2017 October
2017 June
2017 February
2016 September
2016 July
2016 May
2016 March
2016 January
2015 November
2015 October
2015 September
2015 July
2015 May
2015 March
2015 February
2015 January
2014 December
2014 November
2014 October
2014 August
2014 July
2014 April
2014 April
2014 February
2013 December
2013 November
2013 November
2013 October