d4rksystem / VBoxCloak
A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
☆294 · Updated 2 years ago
Alternatives and similar repositories for VBoxCloak:
Users that are interested in VBoxCloak are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆346 · Updated 3 months ago
- Dynamic unpacker based on PE-sieve ☆725 · Updated last month
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆175 · Updated this week
- A ProcessMonitor visualization application written in Rust. ☆178 · Updated last year
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆160 · Updated 3 weeks ago
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆219 · Updated 10 months ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs. ☆740 · Updated last year
- Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into ca… ☆405 · Updated 9 months ago
- $MFT directory tree reconstruction & FILE record info ☆304 · Updated 6 months ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. The rootkit can be loaded with DSE enabled while maintaining its full functionality. ☆637 · Updated last year
- Deobfuscate batch scripts obfuscated using string substitution and escape character techniques. ☆158 · Updated 2 years ago
- An automatic unpacker and logger for files targeting the .NET Framework ☆252 · Updated last year
- Malduck is your ducky companion in malware analysis journeys ☆329 · Updated 10 months ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆388 · Updated last month
- A Binary Genetic Traits Lexer Framework ☆490 · Updated 2 months ago
- Assortment of hashing algorithms used in malware ☆357 · Updated 2 weeks ago
- Signtool for expired certificates ☆476 · Updated last year
- Collection of malware persistence and hunting information. Be a persistent persistence hunter! ☆176 · Updated 3 months ago
- Important notes and topics on my journey towards mastering Windows Internals ☆376 · Updated 11 months ago
- (no description) ☆489 · Updated last year
- Living Off The Land Drivers ☆1,153 · Updated 3 weeks ago
- Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus) ☆527 · Updated last year
- A GUI and CLI tool for removing bloat from executables ☆399 · Updated 2 weeks ago
- Memory acquisition for Linux that makes sense. ☆184 · Updated last year
- PoCs and tools for investigation of Windows process execution techniques ☆915 · Updated last month
- Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, and to protect and elevate them with token manipulation. ☆901 · Updated 3 years ago
- The multi-platform memory acquisition tool. ☆777 · Updated 4 months ago
- InviZzzible is a tool for assessing your virtual environments in an easy and reliable way. It contains the most recent and up to date… ☆555 · Updated 3 years ago
- Project for tracking publicly disclosed DLL Hijacking opportunities. ☆737 · Updated this week
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆237 · Updated 3 weeks ago