binsnake / omill

Binary lifter and deobfuscator using remill for x86_64 Windows binaries

Found Feb 19, 2026 at 48 stars.
C++
AI Summary

omill is a toolkit that transforms complex code from Windows programs into clean, recompilable versions, helping with deobfuscation and analysis.

How It Works

1. 🔍 Discover omill
You stumble upon omill while searching for a way to make sense of confusing Windows programs that are hard to understand.

2. 📥 Gather your tools
Download the free building blocks like a code toolkit and a helper builder to get everything ready on your computer.

3. 🔨 Build your cleaner
Follow the simple guide to assemble your personal code cleaner in just a few minutes.

4. 🎯 Point to your program
Choose the tricky part of your Windows program where you want to start simplifying.

5. Watch it simplify
Hit go and see the magic as your tangled code turns into something clear and beautiful.

6. 📤 Save the clean version
Grab your shiny new simplified code ready for more adventures.

🚀 Run your reborn program
Put it back together and watch your program come alive, easier to tweak and understand than ever.

Star Growth

The repo grew from 48 to 59 stars.
AI-Generated Review

What is omill?

omill takes remill-lifted LLVM IR from x86_64 Windows PE binaries and transforms it into clean, recompilable native code. It lowers memory intrinsics and state structs, recovers control flow and ABI, and handles deobfuscation of constructs such as lazy imports and MBA (mixed Boolean-arithmetic) expressions. Built in C++ on LLVM 21, it offers three CLI tools: omill-lift for direct binary lifting from PE files, omill-opt for pipeline runs on bitcode, and ollvm-obf for generating obfuscated test inputs.

Why is it gaining traction?

In the crowded binary lifting space on GitHub (think remill forks or Binary Ninja plugins), omill stands out with Windows-specific deobfuscation for real-world PE malware, automatically resolving IAT calls and hash-based imports. Developers grab GitHub binary releases for its end-to-end workflow from unpacked EXE to optimized IR, skipping manual CFG tweaks. It is like a binary load lifter droid from Star Wars, hauling obfuscated code to readability.

Who should use this?

Reverse engineers analyzing OLLVM-obfuscated Windows malware or packed EXEs. Malware analysts needing to lift and deobfuscate specific functions for dynamic analysis. Remill users wanting recompilable output without fighting state structs or unresolved jumps.

Verdict

Grab it if you're deep in x86_64 Windows reversing: the CLI tools deliver fast wins on deobfuscation. But at 44 stars and 1.0% credibility, it's early-stage, with solid tests yet thin docs. Pair with liftfuzz for validation; expect weekly improvements on complex obfuscation.
