d4rksystem / VBoxCloak
A PowerShell script that attempts to help malware analysts hide their VirtualBox Windows VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
☆300 Updated 2 years ago
Alternatives and similar repositories for VBoxCloak
Users that are interested in VBoxCloak are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ☆363 Updated 5 months ago
- Dynamic unpacker based on PE-sieve ☆736 Updated last month
- Deobfuscate batch scripts obfuscated using string substitution and escape character techniques. ☆163 Updated 2 years ago
- Assortment of hashing algorithms used in malware ☆364 Updated last week
- A Binary Genetic Traits Lexer Framework ☆495 Updated 4 months ago
- A ProcessMonitor visualization application written in Rust. ☆181 Updated last year
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆165 Updated 2 months ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆757 Updated last year
- Fileless attack with persistence ☆356 Updated this week
- ☆497 Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆185 Updated this week
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆396 Updated this week
- Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into ca… ☆410 Updated 11 months ago
- An automatic unpacker and logger for DotNet Framework targeting files ☆253 Updated last year
- A GUI and CLI tool for removing bloat from executables ☆407 Updated 2 months ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposes. ☆181 Updated 3 years ago
- Repository of Yara Rules ☆111 Updated 2 months ago
- Enumerate and disable common sources of telemetry used by AV/EDR. ☆801 Updated 4 years ago
- Skrull is a malware DRM that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t… ☆457 Updated 3 years ago
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆223 Updated last year
- Malduck is your ducky companion in malware analysis journeys ☆337 Updated last week
- Living Off The Land Drivers ☆1,209 Updated last month
- PowerDecode is a PowerShell-based tool that allows you to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs… ☆193 Updated last year
- Extract and Deobfuscate XLM macros (a.k.a. Excel 4.0 Macros) ☆581 Updated last year
- $MFT directory tree reconstruction & FILE record info ☆306 Updated 8 months ago
- Some tools and scripts ☆148 Updated 3 years ago
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot. ☆740 Updated 3 years ago
- PoCs and tools for investigation of Windows process execution techniques ☆923 Updated 3 weeks ago
- InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date… ☆562 Updated 3 years ago
- Important notes and topics on my journey towards mastering Windows Internals ☆395 Updated last year