d4rksystem / VBoxCloak
A PowerShell script that attempts to help malware analysts hide their VirtualBox Windows VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
☆286 Updated last year
Alternatives and similar repositories for VBoxCloak:
Users that are interested in VBoxCloak are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆330 Updated 3 weeks ago
- Dynamic unpacker based on PE-sieve ☆704 Updated this week
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆152 Updated last month
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆730 Updated 10 months ago
- Deobfuscate batch scripts obfuscated using string substitution and escape character techniques. ☆156 Updated 2 years ago
- The multi-platform memory acquisition tool. ☆738 Updated 2 months ago
- A ProcessMonitor visualization application written in Rust. ☆178 Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆164 Updated this week
- A GUI and CLI tool for removing bloat from executables ☆378 Updated last month
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆197 Updated 8 months ago
- Assortment of hashing algorithms used in malware ☆344 Updated last week
- The Windows Malware Analysis Reversing Core Tools ☆91 Updated 4 years ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca… ☆398 Updated 7 months ago
- PowerDecode is a PowerShell-based tool that deobfuscates PowerShell scripts obfuscated across multiple layers. The tool performs… ☆172 Updated 9 months ago
- Living Off The Land Drivers ☆1,104 Updated 2 weeks ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆584 Updated 2 months ago
- Repository of Yara Rules ☆97 Updated last month
- $MFT directory tree reconstruction & FILE record info ☆297 Updated 4 months ago
- InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date… ☆546 Updated 2 years ago
- An automatic unpacker and logger for DotNet Framework targeting files ☆251 Updated last year
- Fileless attack with persistence ☆335 Updated 2 months ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆366 Updated 3 months ago
- PoCs and tools for investigation of Windows process execution techniques ☆890 Updated 2 months ago
- Analyse your malware to surgically obfuscate it ☆450 Updated 3 weeks ago
- My collection of malware dev links ☆253 Updated 5 months ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter! ☆173 Updated 3 weeks ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. ☆633 Updated last year
- Project for tracking publicly disclosed DLL Hijacking opportunities. ☆703 Updated 3 weeks ago