CheckPointSW / InviZzzible
InviZzzible is a tool for assessing your virtual environments in an easy and reliable way. It contains the most recent and up-to-date detection and evasion techniques, as well as fixes for them.
☆537 Updated 2 years ago
Related projects
Alternatives and complementary repositories for InviZzzible
- Quickly debug shellcode extracted during malware analysis ☆565 Updated last year
- Dynamic unpacker based on PE-sieve ☆658 Updated 8 months ago
- "Screwed Drivers" centralized information source for code references, links, etc. ☆339 Updated 4 years ago
- zer0m0n driver for Cuckoo Sandbox ☆356 Updated 9 years ago
- My implementation of enSilo's Process Doppelganging (PE injection technique) ☆580 Updated 2 years ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca… ☆386 Updated 4 months ago
- A memory scanning evasion technique ☆839 Updated 7 years ago
- Portable Executable parsing library (from PE-bear) ☆647 Updated 2 months ago
- Demos of various injection techniques found in malware ☆791 Updated 2 years ago
- Live hunting of code injection techniques ☆375 Updated 5 years ago
- ☆798 Updated 4 years ago
- A Pin Tool for tracing API calls etc ☆1,304 Updated this week
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit) ☆792 Updated 2 years ago
- Obfuscate specific Windows APIs with different APIs ☆982 Updated 3 years ago
- A static analyzer for PE executables. ☆1,018 Updated 10 months ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs ☆543 Updated this week
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in… ☆1,093 Updated last year
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore] ☆732 Updated 5 years ago
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware. ☆417 Updated 4 years ago
- Automatic and platform-independent unpacker for Windows binaries based on emulation ☆659 Updated last month
- DRAKVUF Black-box Binary Analysis ☆1,066 Updated this week
- Binee: binary emulation environment ☆503 Updated last year
- A Binary Genetic Traits Lexer Framework ☆393 Updated last year
- A tool to detect and crash Cuckoo Sandbox ☆288 Updated 4 months ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces ☆929 Updated last year
- This project aims at simplifying Windows API import recovery on arbitrary memory dumps ☆241 Updated last year
- A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl ☆1,121 Updated 3 weeks ago
- Examples of leaking Kernel Mode information from User Mode on Windows ☆583 Updated 7 years ago
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system ☆1,063 Updated 3 weeks ago
- Enumerate and disable common sources of telemetry used by AV/EDR. ☆770 Updated 3 years ago