d4rksystem / VBoxCloak
A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
☆293 · Updated 2 years ago
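Before and after running a cloaking script, an analyst wants to know which VirtualBox guest artifacts are still visible from inside the VM. The PowerShell audit below is an added example, not VBoxCloak's own code and not a description of how VBoxCloak works: it enumerates the artifacts that pafish-style checks commonly test (Guest Additions processes, services and driver files, ACPI and BIOS registry entries, and the 08:00:27 MAC prefix) and reports whatever it finds. The artifact names, paths and registry locations are assumptions drawn from a standard Guest Additions install, not from this page; adjust them for your own build.

```powershell
# Added example (not VBoxCloak's code): enumerate VirtualBox guest artifacts
# the way a pafish-style check would, so you can see what a cloaking script
# must hide and re-run the audit afterwards to confirm it did.
# Assumption: the names/paths below are those of a default Guest Additions
# install; they are not taken from VBoxCloak or from this page.

$Artifacts = @{
    Processes = @('VBoxService', 'VBoxTray')
    Services  = @('VBoxGuest', 'VBoxMouse', 'VBoxSF', 'VBoxVideo', 'VBoxWddm')
    Files     = @(
        "$env:SystemRoot\System32\drivers\VBoxGuest.sys",
        "$env:SystemRoot\System32\drivers\VBoxMouse.sys",
        "$env:SystemRoot\System32\drivers\VBoxSF.sys",
        "$env:SystemRoot\System32\drivers\VBoxVideo.sys",
        "$env:SystemRoot\System32\vboxdisp.dll",
        "$env:SystemRoot\System32\vboxhook.dll"
    )
    RegKeys   = @(
        'HKLM:\SOFTWARE\Oracle\VirtualBox Guest Additions',
        'HKLM:\HARDWARE\ACPI\DSDT\VBOX__',
        'HKLM:\HARDWARE\ACPI\FADT\VBOX__',
        'HKLM:\HARDWARE\ACPI\RSDT\VBOX__',
        'HKLM:\SYSTEM\CurrentControlSet\Services\VBoxGuest'
    )
    # Registry values whose content (not just presence) gives the hypervisor away
    RegValues = @(
        @{ Path = 'HKLM:\HARDWARE\DESCRIPTION\System'; Name = 'SystemBiosVersion'; Pattern = 'VBOX' },
        @{ Path = 'HKLM:\HARDWARE\DESCRIPTION\System'; Name = 'VideoBiosVersion';  Pattern = 'VIRTUALBOX' }
    )
}

function Get-VBoxArtifacts {
    $hits = [System.Collections.Generic.List[object]]::new()

    foreach ($p in $Artifacts.Processes) {
        if (Get-Process -Name $p -ErrorAction SilentlyContinue) {
            $hits.Add([pscustomobject]@{ Kind = 'Process'; Item = $p })
        }
    }
    foreach ($s in $Artifacts.Services) {
        if (Get-Service -Name $s -ErrorAction SilentlyContinue) {
            $hits.Add([pscustomobject]@{ Kind = 'Service'; Item = $s })
        }
    }
    foreach ($f in $Artifacts.Files) {
        if (Test-Path -LiteralPath $f) {
            $hits.Add([pscustomobject]@{ Kind = 'File'; Item = $f })
        }
    }
    foreach ($k in $Artifacts.RegKeys) {
        if (Test-Path -LiteralPath $k) {
            $hits.Add([pscustomobject]@{ Kind = 'RegKey'; Item = $k })
        }
    }
    foreach ($v in $Artifacts.RegValues) {
        # These are REG_MULTI_SZ, so join the array before matching (case-insensitive by default)
        $val = (Get-ItemProperty -Path $v.Path -Name $v.Name -ErrorAction SilentlyContinue).($v.Name)
        if ($val -and (($val -join ' ') -match $v.Pattern)) {
            $hits.Add([pscustomobject]@{ Kind = 'RegValue'; Item = "$($v.Path)\$($v.Name) = $($val -join ' ')" })
        }
    }
    # VirtualBox NICs use the Oracle/Innotek OUI 08:00:27 unless the MAC was changed
    Get-NetAdapter -ErrorAction SilentlyContinue |
        Where-Object { $_.MacAddress -like '08-00-27-*' } |
        ForEach-Object { $hits.Add([pscustomobject]@{ Kind = 'MAC'; Item = "$($_.Name) $($_.MacAddress)" }) }

    return $hits
}

$found = Get-VBoxArtifacts
$found | Format-Table -AutoSize
"{0} VirtualBox artifact(s) still visible from the guest" -f $found.Count
```

Run it from the guest before cloaking, then again afterwards; anything still listed is a check a sample can trivially pass. Note that a guest-side script can only address artifacts the guest OS exposes (files, keys, services, MACs); checks that ask the hypervisor directly, such as the CPUID hypervisor-present bit or timing-based tests, are not covered by this audit and are why a cloaking script lowers a pafish score rather than zeroing it.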
Alternatives and similar repositories for VBoxCloak:
Users that are interested in VBoxCloak are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆349 · Updated 3 months ago
- Dynamic unpacker based on PE-sieve ☆730 · Updated last month
- Deobfuscate batch scripts obfuscated using string substitution and escape character techniques. ☆159 · Updated 2 years ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆160 · Updated last month
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆220 · Updated 10 months ago
- Assortment of hashing algorithms used in malware ☆360 · Updated last month
- A GUI and CLI tool for removing bloat from executables ☆399 · Updated last month
- An automatic unpacker and logger for DotNet Framework targeting files ☆252 · Updated last year
- A ProcessMonitor visualization application written in Rust. ☆178 · Updated last year
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆742 · Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆175 · Updated this week
- Signtool for expired certificates ☆477 · Updated last year
- Living Off The Land Drivers ☆1,160 · Updated last month
- Repository of Yara Rules ☆110 · Updated 3 weeks ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter! ☆176 · Updated 3 months ago
- Important notes and topics on my journey towards mastering Windows Internals ☆376 · Updated last year
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆388 · Updated this week
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposes. ☆180 · Updated 3 years ago
- PowerDecode is a PowerShell-based tool that allows you to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs… ☆184 · Updated last year
- Fileless attack with persistence ☆352 · Updated 5 months ago
- Code snips and notes ☆137 · Updated 3 years ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca… ☆405 · Updated 9 months ago
- PoCs and tools for investigation of Windows process execution techniques ☆915 · Updated last month
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi… ☆658 · Updated last year
- A Binary Genetic Traits Lexer Framework ☆490 · Updated 2 months ago
- This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malware that looks for VM or … ☆269 · Updated 9 months ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers ☆559 · Updated 2 years ago
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus) ☆528 · Updated last year
- Malduck is your ducky companion in malware analysis journeys ☆330 · Updated this week