Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
☆3,868Jun 21, 2024Updated last year
Alternatives and similar repositories for pafish
Users that are interested in pafish are comparing it to the libraries listed below
Sorting:
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.☆6,868Updated this week
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,897Feb 23, 2026Updated last week
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…☆3,562Oct 31, 2025Updated 4 months ago
- InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date…☆585Apr 5, 2022Updated 3 years ago
- Script to create templates to use with VirtualBox to make vm detection harder☆770Nov 5, 2022Updated 3 years ago
- Windows kernel and user mode emulation.☆1,860Updated this week
- A static analyzer for PE executables.☆1,107Feb 24, 2026Updated last week
- Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools☆463Nov 22, 2018Updated 7 years ago
- Vmware Hardened VM detection mitigation loader (anti anti-vm)☆2,191Dec 2, 2022Updated 3 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆293Jun 27, 2017Updated 8 years ago
- Defeating Windows User Account Control☆7,404Feb 17, 2026Updated 2 weeks ago
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool☆2,089Dec 9, 2025Updated 2 months ago
- Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…☆3,231Sep 3, 2022Updated 3 years ago
- VirtualBox VM detection mitigation loader☆964Apr 2, 2023Updated 2 years ago
- Defund the Police.☆13,486Jun 7, 2024Updated last year
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,396Dec 23, 2025Updated 2 months ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,233Aug 7, 2025Updated 6 months ago
- makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]☆743Mar 17, 2019Updated 6 years ago
- The FLARE team's open-source tool to identify capabilities in executable files.☆5,844Updated this week
- Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode☆2,503Nov 15, 2023Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆4,470Jul 8, 2025Updated 7 months ago
- DRAKVUF Black-box Binary Analysis☆1,209Updated this week
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux☆2,953Feb 24, 2025Updated last year
- Windows memory hacking library☆5,346Jan 26, 2024Updated 2 years ago
- Hiding kernel-driver for x86/x64.☆2,619Sep 2, 2025Updated 6 months ago
- Set of tools to analyze Windows sandboxes for exposed attack surface.☆2,267Nov 6, 2025Updated 3 months ago
- Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software v…☆4,070Dec 2, 2025Updated 3 months ago
- AV/EDR evasion via direct system calls.☆1,795Sep 3, 2022Updated 3 years ago
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…☆2,314Oct 31, 2025Updated 4 months ago
- Demos of various injection techniques found in malware☆796Feb 15, 2022Updated 4 years ago
- Converts PE into a shellcode☆2,745Aug 30, 2025Updated 6 months ago
- A Pin Tool for tracing API calls etc☆1,620Feb 8, 2026Updated 3 weeks ago
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU☆1,682Feb 14, 2024Updated 2 years ago
- Hook system calls, context switches, page faults and more.☆2,637May 9, 2023Updated 2 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,119Jul 10, 2024Updated last year
- Intel VT-x based hypervisor aiming to provide a thin VM-exit filtering platform on Windows.☆1,728Nov 24, 2023Updated 2 years ago
- 🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc☆2,005Jul 13, 2022Updated 3 years ago
- A memory scanning evasion technique☆899May 24, 2017Updated 8 years ago
- State-of-the-art native debugging tools☆3,654Feb 24, 2026Updated last week