Alternatives and similar repositories for VMwareCloak

Users that are interested in VMwareCloak are comparing it to the libraries listed below

• d4rksystem / VBoxCloak
  A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …
  ☆298Updated 2 years ago
• magicsword-io / LOLDrivers
  Living Off The Land Drivers
  ☆1,206Updated last month
• Unprotect-Project / Unprotect_Submission
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆165Updated 2 months ago
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆736Updated last month
• forrest-orr / moneta
  Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
  ☆755Updated last year
• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆396Updated this week
• mandiant / VM-Packages
  Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
  ☆185Updated this week
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆181Updated last year
• Malandrone / PowerDecode
  PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…
  ☆193Updated last year
• RussianPanda95 / Yara-Rules
  Repository of Yara Rules
  ☆111Updated 2 months ago
• SafeBreach-Labs / PoolParty
  A set of fully-undetectable process injection techniques abusing Windows Thread Pools
  ☆1,127Updated last year
• Squiblydoo / debloat
  A GUI and CLI tool for removing bloat from executables
  ☆406Updated 2 months ago
• namazso / MagicSigner
  Signtool for expired certificates
  ☆481Updated 2 years ago
• redteamsocietegenerale / DLLirant
  DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
  ☆496Updated 2 years ago
• OALabs / hashdb
  Assortment of hashing algorithms used in malware
  ☆364Updated this week
• LETHAL-FORENSICS / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆635Updated this week
• Cracked5pider / Ekko
  Sleep Obfuscation
  ☆765Updated last year
• itaymigdal / awesome-injection
  Centralized resource for listing and organizing known injection techniques and POCs
  ☆583Updated last month
• persistence-info / persistence-info.github.io
  ☆494Updated last year
• vu-ls / Crassus
  ☆575Updated 3 weeks ago
• dobin / avred
  Analyse your malware to surgically obfuscate it
  ☆477Updated 3 weeks ago
• Demonslay335 / CryptoTester
  A utility for playing with cryptography, geared towards ransomware analysis.
  ☆297Updated 4 months ago
• ethereal-vx / Antivirus-Artifacts
  Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
  ☆740Updated 3 years ago
• Faran-17 / Windows-Internals
  Important notes and topics on my journey towards mastering Windows Internals
  ☆395Updated last year
• ashemery / malware-tools
  A list of useful tools for Malware Analysis (will be updated regularly)
  ☆142Updated 9 months ago
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆645Updated 2 years ago
• advanced-threat-research / DotDumper
  An automatic unpacker and logger for DotNet Framework targeting files
  ☆253Updated last year
• hackerhouse-opensource / SignToolEx
  Patching "signtool.exe" to accept expired certificates for code-signing.
  ☆282Updated 11 months ago
• klezVirus / SilentMoonwalk
  PoC Implementation of a fully dynamic call stack spoofer
  ☆795Updated 11 months ago
• namazso / physmem_drivers
  A collection of various vulnerable (mostly physical memory exposing) drivers.
  ☆393Updated 3 years ago