A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
☆399Jul 4, 2025Updated 8 months ago
Alternatives and similar repositories for VBoxCloak
Users that are interested in VBoxCloak are comparing it to the libraries listed below
Sorting:
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…☆426Jan 25, 2025Updated last year
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆80Aug 7, 2024Updated last year
- A collection of small scripts and tools for deobfuscation and malware analysis.☆67Mar 27, 2023Updated 2 years ago
- ☆38Apr 7, 2023Updated 2 years ago
- An automatic unpacker and logger for DotNet Framework targeting files☆264Aug 23, 2023Updated 2 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆131Nov 25, 2023Updated 2 years ago
- MacroExploit use in excel sheet☆20Jun 12, 2023Updated 2 years ago
- Aims to identify sleeping beacons☆661Jan 25, 2026Updated last month
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Jun 30, 2023Updated 2 years ago
- Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).☆197Sep 19, 2022Updated 3 years ago
- Enumerate domain machine accounts and perform pre2k password spraying.☆69Jul 14, 2023Updated 2 years ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆369Dec 24, 2021Updated 4 years ago
- Malware Configuration And Payload Extraction☆3,055Updated this week
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆226May 3, 2023Updated 2 years ago
- Now You See Me, Now You Don't☆1,027Jan 23, 2026Updated last month
- A dynamic unpacking tool☆148Sep 17, 2023Updated 2 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆401Jan 10, 2025Updated last year
- A standalone DLL that exports databases in cleartext once injected in the KeePass process.☆300Mar 1, 2023Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆118Oct 31, 2022Updated 3 years ago
- Credential Guard Bypass Via Patching Wdigest Memory☆335Feb 3, 2023Updated 3 years ago
- Dynamic unpacker based on PE-sieve☆799Sep 13, 2025Updated 5 months ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Sep 19, 2022Updated 3 years ago
- Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that…☆3,867Jun 21, 2024Updated last year
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆306Aug 2, 2023Updated 2 years ago
- Kernel Mode Driver for Elevating Process Privileges☆132Mar 23, 2023Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- Malduck is your ducky companion in malware analysis journeys☆349Jun 22, 2025Updated 8 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory☆333Jun 22, 2024Updated last year
- RegStrike is a .reg payload generator☆58Sep 19, 2023Updated 2 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆386Jul 30, 2024Updated last year
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.☆677Nov 9, 2023Updated 2 years ago
- A repo containing some tooling build to assist with reverse engineering malware samples☆15Jul 22, 2023Updated 2 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆585May 5, 2024Updated last year
- My malware analysis code snippets☆28Jul 15, 2023Updated 2 years ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆819Oct 27, 2023Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,197Oct 16, 2023Updated 2 years ago
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 5 months ago
- Simple (relatively) things allowing you to dig a bit deeper than usual.☆3,485Feb 16, 2026Updated 3 weeks ago