d4rksystem / VMwareCloak
A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.
☆332Updated 3 weeks ago
Alternatives and similar repositories for VMwareCloak:
Users that are interested in VMwareCloak are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …☆286Updated last year
- Dynamic unpacker based on PE-sieve☆705Updated last week
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆154Updated this week
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs☆731Updated 11 months ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆172Updated 9 months ago
- Living Off The Land Drivers☆1,108Updated 3 weeks ago
- A GUI and CLI tool for removing bloat from executables☆379Updated last month
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆166Updated this week
- A ProcessMonitor visualization application written in rust.☆178Updated last year
- Assortment of hashing algorithms used in malware☆345Updated this week
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆369Updated 3 months ago
- ☆485Updated last year
- Signtool for expired certificates☆464Updated last year
- Important notes and topics on my journey towards mastering Windows Internals☆362Updated 9 months ago
- PoCs and tools for investigation of Windows process execution techniques☆891Updated 3 months ago
- Analyse your malware to surgically obfuscate it☆452Updated last month
- Fileless attack with persistence☆334Updated 2 months ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆174Updated last month
- Research notes☆118Updated 2 months ago
- Patching "signtool.exe" to accept expired certificates for code-signing.☆273Updated 7 months ago
- Performing Indirect Clean Syscalls☆514Updated last year
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…☆398Updated 7 months ago
- PoC Implementation of a fully dynamic call stack spoofer☆742Updated 7 months ago
- An automatic unpacker and logger for DotNet Framework targeting files☆251Updated last year
- Because AV evasion should be easy.☆666Updated 2 months ago
- Project for tracking publicly disclosed DLL Hijacking opportunities.☆708Updated this week
- Sleep Obfuscation☆719Updated last year
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆633Updated 2 years ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆585Updated this week
- A list of useful tools for Malware Analysis (will be updated regularly)☆137Updated 5 months ago