Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
☆3,867Jun 21, 2024Updated last year
Alternatives and similar repositories for pafish
Users that are interested in pafish are comparing it to the libraries listed below
Sorting:
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.☆6,885Mar 1, 2026Updated 2 weeks ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,923Updated this week
- Script to create templates to use with VirtualBox to make vm detection harder☆768Nov 5, 2022Updated 3 years ago
- InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date…☆590Apr 5, 2022Updated 3 years ago
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,576Oct 31, 2025Updated 4 months ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆293Jun 27, 2017Updated 8 years ago
- Vmware Hardened VM detection mitigation loader (anti anti-vm)☆2,202Dec 2, 2022Updated 3 years ago
- Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools☆462Nov 22, 2018Updated 7 years ago
- VirtualBox VM detection mitigation loader☆967Apr 2, 2023Updated 2 years ago
- Windows kernel and user mode emulation.☆1,896Mar 12, 2026Updated last week
- A static analyzer for PE executables.☆1,112Mar 11, 2026Updated last week
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,438Updated this week
- Defund the Police.☆13,523Jun 7, 2024Updated last year
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool☆2,094Dec 9, 2025Updated 3 months ago
- Defeating Windows User Account Control☆7,428Feb 17, 2026Updated last month
- The FLARE team's open-source tool to identify capabilities in executable files.☆5,890Updated this week
- DRAKVUF Black-box Binary Analysis☆1,211Mar 5, 2026Updated 2 weeks ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,239Aug 7, 2025Updated 7 months ago
- Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…☆3,243Sep 3, 2022Updated 3 years ago
- Hiding kernel-driver for x86/x64.☆2,635Sep 2, 2025Updated 6 months ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,119Jul 10, 2024Updated last year
- Demos of various injection techniques found in malware☆794Feb 15, 2022Updated 4 years ago
- Windows memory hacking library☆5,361Jan 26, 2024Updated 2 years ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆742Mar 17, 2019Updated 7 years ago
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,511Nov 15, 2023Updated 2 years ago
- Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.☆1,734Nov 24, 2023Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆4,491Jul 8, 2025Updated 8 months ago
- Source from VMDE paper, adapted to 2015☆189Dec 18, 2017Updated 8 years ago
- Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software v…☆4,098Mar 8, 2026Updated last week
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU☆1,682Feb 14, 2024Updated 2 years ago
- Hook system calls, context switches, page faults and more.☆2,639May 9, 2023Updated 2 years ago
- Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.☆516May 14, 2024Updated last year
- Converts PE into a shellcode☆2,752Aug 30, 2025Updated 6 months ago
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…☆2,319Oct 31, 2025Updated 4 months ago
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,965Feb 24, 2025Updated last year
- Diaphora, the most advanced Free and Open Source program diffing tool.☆4,208Nov 24, 2024Updated last year
- AV/EDR evasion via direct system calls.☆1,797Sep 3, 2022Updated 3 years ago
- A Pin Tool for tracing API calls etc☆1,634Feb 8, 2026Updated last month
- A tool to detect and crash Cuckoo Sandbox☆297Jul 22, 2024Updated last year