d4rksystem / VMwareCloak
A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analysis.
☆346 Updated 3 months ago
Alternatives and similar repositories for VMwareCloak:
Users that are interested in VMwareCloak are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their VirtualBox Windows VMs from malware that may be trying to … ☆294 Updated 2 years ago
- Dynamic unpacker based on PE-sieve ☆725 Updated last month
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆160 Updated 3 weeks ago
- Living Off The Land Drivers ☆1,148 Updated 3 weeks ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆739 Updated last year
- PoCs and tools for investigation of Windows process execution techniques ☆915 Updated last month
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools ☆1,088 Updated last year
- A ProcessMonitor visualization application written in Rust. ☆178 Updated last year
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆388 Updated last month
- A GUI and CLI tool for removing bloat from executables ☆399 Updated 2 weeks ago
- An automatic unpacker and logger for DotNet Framework targeting files ☆252 Updated last year
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features. ☆219 Updated 10 months ago
- Important notes and topics on my journey towards mastering Windows Internals ☆376 Updated 11 months ago
- PowerDecode is a PowerShell-based tool that allows deobfuscation of PowerShell scripts obfuscated across multiple layers. The tool performs… ☆180 Updated 11 months ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. The rootkit can be loaded with DSE enabled while maintaining its full functionality. ☆637 Updated last year
- Deobfuscate batch scripts obfuscated using string substitution and escape character techniques. ☆158 Updated 2 years ago
- ☆489 Updated last year
- Assortment of hashing algorithms used in malware ☆357 Updated 2 weeks ago
- DLLirant is a tool to automate DLL hijacking research on a specified binary. ☆491 Updated 2 years ago
- PoC Implementation of a fully dynamic call stack spoofer ☆761 Updated 9 months ago
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot. ☆737 Updated 3 years ago
- Signtool for expired certificates ☆476 Updated last year
- Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into ca… ☆405 Updated 9 months ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter! ☆176 Updated 3 months ago
- Experiments ☆453 Updated 6 months ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆175 Updated this week
- The multi-platform memory acquisition tool. ☆775 Updated 4 months ago
- Cronos is a Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation. ☆899 Updated 3 years ago
- ☆750 Updated last year
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. ☆532 Updated last month