This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We give a brief introduction into virtualization-based obfuscation and manually analyze a simple VM generated by Tigress. Afterward, we use symbolic execution to automate the analysis and write a dynamic VM disassembler that is based on Miasm. The recording is available here. Installation # on debian/ubuntu based systems: sudo apt-get install python-dev # clone repository and