d4rksystem / VMwareCloakLinks
A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.
☆397Updated 8 months ago
Alternatives and similar repositories for VMwareCloak
Users that are interested in VMwareCloak are comparing it to the libraries listed below
Sorting:
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …☆313Updated 3 months ago
- A GUI and CLI tool for removing bloat from executables☆423Updated 3 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆195Updated 2 weeks ago
- Dynamic unpacker based on PE-sieve☆769Updated 3 weeks ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆210Updated last year
- Living Off The Land Drivers☆1,297Updated 3 weeks ago
- Important notes and topics on my journey towards mastering Windows Internals☆406Updated last year
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆425Updated 3 months ago
- A ProcessMonitor visualization application written in rust.☆184Updated 2 years ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs☆774Updated last year
- Assortment of hashing algorithms used in malware☆379Updated this week
- ☆508Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆199Updated last week
- An automatic unpacker and logger for DotNet Framework targeting files☆259Updated 2 years ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆674Updated 2 months ago
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features.☆238Updated last year
- Signtool for expired certificates☆489Updated 2 years ago
- Somes tools and scripts☆152Updated 3 years ago
- The multi-platform memory acquisition tool.☆849Updated 3 months ago
- Repository of Yara Rules☆123Updated 3 weeks ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.☆642Updated last year
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆163Updated last year
- Memory acquisition for Linux that makes sense.☆206Updated last year
- Cybersecurity research results. Simple C/C++ and Python implementations☆261Updated this week
- Research notes☆128Updated 10 months ago
- ☆374Updated this week
- PoCs and tools for investigation of Windows process execution techniques☆934Updated last month
- PoC Implementation of a fully dynamic call stack spoofer☆840Updated last year
- ☆585Updated 4 months ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…☆431Updated last year