This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malware that looks for VM or analysis tools.
☆297 · Jul 31, 2024 · Updated last year
Alternatives and similar repositories for Fake-Sandbox-Artifacts
Users that are interested in Fake-Sandbox-Artifacts are comparing it to the libraries listed below.
- This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid. ☆143 · Jun 21, 2025 · Updated 11 months ago
- Some anti QEMU trick used by in-the-wild malware. ☆14 · Aug 14, 2015 · Updated 10 years ago
- Work in Progress repo ☆16 · Apr 18, 2019 · Updated 7 years ago
- Bypass Antivm and Cuckoo Sandbox Techniques ☆12 · Oct 12, 2016 · Updated 9 years ago
- ☆10 · Dec 24, 2022 · Updated 3 years ago
- Collection of various files from infected hosts ☆78 · Mar 22, 2022 · Updated 4 years ago
- LetMeOutOfYour.net Resources ☆21 · Apr 11, 2026 · Updated 2 months ago
- Standardized Malware Analysis Tool ☆56 · Mar 9, 2021 · Updated 5 years ago
- Small wiki for Mobile Application Penetration Testing Tools ☆12 · Apr 8, 2021 · Updated 5 years ago
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection. ☆6,992 · Jun 2, 2026 · Updated last week
- POC code to crash Windows Event Logger Service ☆27 · Oct 16, 2020 · Updated 5 years ago
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys… ☆436 · Jan 25, 2025 · Updated last year
- Automatically create YARA rules from malicious documents. ☆211 · May 16, 2022 · Updated 4 years ago
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system ☆1,298 · Jun 4, 2026 · Updated last week
- Trigger-only for CVE-2021-29627 ☆12 · Apr 12, 2021 · Updated 5 years ago
- Decrypt NTDS hashes ☆24 · Jan 22, 2014 · Updated 12 years ago
- Remotely enables Restricted Admin Mode ☆214 · Sep 3, 2021 · Updated 4 years ago
- ☆77 · Nov 30, 2023 · Updated 2 years ago
- ☆169 · Dec 8, 2022 · Updated 3 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form… ☆1,161 · Jun 10, 2024 · Updated 2 years ago
- DFF (Digital Forensics Framework) ☆11 · Jan 6, 2021 · Updated 5 years ago
- CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. ☆34 · Dec 19, 2021 · Updated 4 years ago
- Source code extracted from malware for analysis ☆40 · Mar 10, 2023 · Updated 3 years ago
- Implant drop-in for EDR testing ☆147 · Nov 15, 2023 · Updated 2 years ago
- The Multiplatform Linux Sandbox ☆16 · Dec 19, 2023 · Updated 2 years ago
- A Simple Ransomware Vaccine ☆978 · Nov 8, 2023 · Updated 2 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups ☆728 · Dec 26, 2022 · Updated 3 years ago
- C# port of LogServiceCrash ☆46 · Oct 7, 2020 · Updated 5 years ago
- Prototype program to decode a video file looking for exploits/malware. ☆17 · Jul 26, 2020 · Updated 5 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load(). ☆219 · Mar 5, 2020 · Updated 6 years ago
- IDA Pro plugin. The antiVM aims to quickly identify anti-virtual machine and anti-sandbox behavior. This can speed up malware analysis. ☆46 · Sep 2, 2022 · Updated 3 years ago
- wordlists for password cracking ☆29 · Aug 15, 2022 · Updated 3 years ago
- Formerly KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l… ☆22 · Feb 15, 2014 · Updated 12 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups ☆60 · Oct 28, 2022 · Updated 3 years ago
- Petaq - Purple Team Command & Control Server ☆104 · Dec 8, 2022 · Updated 3 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls ☆334 · Oct 9, 2021 · Updated 4 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post ☆128 · May 25, 2021 · Updated 5 years ago
- OSED Practice binary ☆27 · Nov 23, 2023 · Updated 2 years ago
- A tool to detect and crash Cuckoo Sandbox ☆297 · Jul 22, 2024 · Updated last year