d4rksystem / VBoxCloak
A PowerShell script that attempts to help malware analysts hide their VirtualBox Windows VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
☆289, updated last year
Alternatives and similar repositories for VBoxCloak:
Users that are interested in VBoxCloak are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆340, updated 2 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆158, updated this week
- Dynamic unpacker based on PE-sieve ☆718, updated 2 weeks ago
- Deobfuscate batch scripts obfuscated using string substitution and escape character techniques. ☆157, updated 2 years ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆736, updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆171, updated last week
- A ProcessMonitor visualization application written in Rust. ☆177, updated last year
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆216, updated 9 months ago
- PowerDecode is a PowerShell-based tool that allows deobfuscating PowerShell scripts obfuscated across multiple layers. The tool performs… ☆178, updated 11 months ago
- Living Off The Land Drivers ☆1,140, updated last week
- An automatic unpacker and logger for DotNet Framework targeting files ☆252, updated last year
- A GUI and CLI tool for removing bloat from executables ☆390, updated 2 months ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter! ☆175, updated 2 months ago
- ☆488, updated last year
- Malduck is your ducky companion in malware analysis journeys ☆326, updated 9 months ago
- PoCs and tools for investigation of Windows process execution techniques ☆912, updated 2 weeks ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros) ☆577, updated 10 months ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆387, updated 2 weeks ago
- Repository of Yara Rules ☆103, updated last month
- Project for tracking publicly disclosed DLL Hijacking opportunities. ☆731, updated 2 weeks ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. ☆638, updated last year
- ☆200, updated 5 months ago
- Lnk Explorer Command line edition!! ☆295, updated 2 months ago
- A curated list of awesome malware persistence tools and resources. ☆205, updated 4 months ago
- The multi-platform memory acquisition tool. ☆766, updated 4 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆236, updated this week
- Assortment of hashing algorithms used in malware ☆352, updated 3 weeks ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi… ☆652, updated last year
- Important notes and topics on my journey towards mastering Windows Internals ☆374, updated 11 months ago
- ☆113, updated last month