NavyTitanium / Fake-Sandbox-Artifacts
This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malware that looks for VMs or analysis tools
☆274 Updated 10 months ago
Alternatives and similar repositories for Fake-Sandbox-Artifacts
Users that are interested in Fake-Sandbox-Artifacts are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys… ☆360 Updated 5 months ago
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to … ☆298 Updated 2 years ago
- Dynamic unpacker based on PE-sieve ☆736 Updated last month
- Encyclopedia for Executables ☆445 Updated 3 years ago
- A wireshark plugin to instrument ETW ☆560 Updated 3 years ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca… ☆410 Updated 11 months ago
- High Octane Triage Analysis ☆740 Updated last week
- Enumerate and disable common sources of telemetry used by AV/EDR. ☆801 Updated 4 years ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆755 Updated last year
- Live hunting of code injection techniques ☆382 Updated 5 years ago
- ☆148 Updated last year
- Malduck is your ducky companion in malware analysis journeys ☆337 Updated last week
- Collection of private Yara rules. ☆358 Updated 2 months ago
- Deobfuscate batch scripts obfuscated using string substitution and escape character techniques. ☆163 Updated 2 years ago
- A guide on how to write fast and memory friendly YARA rules ☆144 Updated 4 months ago
- ☆494 Updated last year
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros) ☆581 Updated last year
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs ☆600 Updated last week
- PowerShell script for deobfuscating encoded PowerShell scripts ☆424 Updated 4 years ago
- A VBA parser and emulation engine to analyze malicious macros. ☆96 Updated 2 weeks ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…