Bunch of techniques potentially used by malware to detect analysis environments
☆160Jul 4, 2016Updated 9 years ago
Alternatives and similar repositories for anti-analysis-tricks
Users that are interested in anti-analysis-tricks are comparing it to the libraries listed below
Sorting:
- ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.☆287May 24, 2016Updated 9 years ago
- capstone based disassembler for extracting to binnavi☆229Jun 8, 2016Updated 9 years ago
- Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools☆462Nov 22, 2018Updated 7 years ago
- Solutions for various crackmes☆20Jan 13, 2013Updated 13 years ago
- Application Security library☆11Nov 6, 2012Updated 13 years ago
- Distributing the REconstruction of High-Level IR for Large Scale Malware Analysis☆65Sep 15, 2015Updated 10 years ago
- map file generator for intel x86 binary based on flirt signature☆83May 2, 2016Updated 9 years ago
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- Malware exploits☆554Aug 22, 2025Updated 6 months ago
- ☆43Jul 2, 2018Updated 7 years ago
- Python Malware Crawler for Zoos and Repositories☆109Apr 9, 2018Updated 7 years ago
- Linux bind shell with anti-reverse engineering techniques☆291Feb 9, 2017Updated 9 years ago
- Exposing the Neutrino EK: All the Naughty Bits (BSidesLV16)☆15Oct 10, 2016Updated 9 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Jan 13, 2017Updated 9 years ago
- A malware sandoxed with gdb☆15Jun 27, 2016Updated 9 years ago
- PyAna - Analyzing the Windows shellcode☆247Feb 16, 2016Updated 10 years ago
- Comae Hibernation File Decompressor☆156Apr 1, 2023Updated 2 years ago
- Nosy Newt is a simple concolic execution tool for exploring the input space of a binary executable program based in Triton☆62Aug 5, 2017Updated 8 years ago
- Small tool for disassembling shellcode (using objdump)☆149Jun 19, 2022Updated 3 years ago
- inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extr…☆295Sep 30, 2023Updated 2 years ago
- Various snippets created during malware analysis☆464Oct 3, 2025Updated 5 months ago
- Pocs for Antivirus Software‘s Kernel Vulnerabilities☆266Jul 6, 2017Updated 8 years ago
- Any useful windbg plugins I've written.☆117Apr 10, 2018Updated 7 years ago
- Reverse Engineering and Exploit Development stuff☆31Mar 8, 2018Updated 8 years ago
- Differential Analysis of Malware in Memory☆216Apr 16, 2017Updated 8 years ago
- ☆108Jul 18, 2017Updated 8 years ago
- Local UNIX PrivEsc Aggregation☆243Apr 9, 2016Updated 9 years ago
- ☆12Jun 13, 2016Updated 9 years ago
- Packed Malware Analyzer (PACKMAN)☆12Jan 31, 2016Updated 10 years ago
- Builds malware analysis Windows VMs so that you don't have to.☆1,044Aug 23, 2021Updated 4 years ago
- IDA Pro plugin making easier work on BinDiff results☆80Mar 25, 2016Updated 9 years ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago
- A collection of post-exploitation tools for network red teaming.☆138Dec 7, 2018Updated 7 years ago
- Unpack MIME attachments from a file and check them against virustotal.com☆44Mar 11, 2016Updated 9 years ago
- ATrace is a tool for tracing execution of binaries on Windows.☆240Nov 19, 2025Updated 3 months ago
- PoC for breaking hypervisor ASLR using branch target buffer collisions☆168Sep 24, 2016Updated 9 years ago
- Pazuzu: Reflective DLL to run binaries from memory☆215Aug 4, 2020Updated 5 years ago
- BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.☆176Dec 1, 2022Updated 3 years ago
- SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]☆410Apr 21, 2020Updated 5 years ago