A summary about different projects/presentations/tools to test how to evade malware sandbox systems
☆54 · Dec 5, 2018 · Updated 7 years ago
Alternatives and similar repositories for awesome-sandbox-evasion
Users that are interested in awesome-sandbox-evasion are comparing it to the libraries listed below.
- ☣️ Necro Stealer + Web Panel ☆10 · May 2, 2020 · Updated 5 years ago
- A script that parses PowerView's output for GPO analysis. Integrated into bloodhound to find misconfigurations of URA, SMB signing etc ☆15 · Feb 9, 2020 · Updated 6 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s… ☆17 · Jul 12, 2022 · Updated 3 years ago
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC) ☆25 · Dec 8, 2021 · Updated 4 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation ☆80 · Aug 7, 2024 · Updated last year
- An example of PE hollowing injection technique ☆25 · Jun 28, 2019 · Updated 6 years ago
- WhiteRabbitTracker: Analyzing malware evasions with information flow tracking ☆19 · Jul 25, 2021 · Updated 4 years ago
- C# Implementation of Get-VaultCredential ☆14 · Jul 31, 2018 · Updated 7 years ago
- Spin up a reverse proxy quickly on Heroku ☆15 · Dec 5, 2020 · Updated 5 years ago
- DarkRat source - beware untested source and resources. ☆22 · Dec 7, 2019 · Updated 6 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research ☆266 · Feb 7, 2019 · Updated 7 years ago
- Red Team C2 and Post Exploitation code ☆36 · Mar 10, 2026 · Updated last month
- The Web Controller ☆10 · Dec 4, 2019 · Updated 6 years ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do… ☆53 · May 31, 2018 · Updated 7 years ago
- Yara sort ☆13 · Apr 20, 2026 · Updated last week
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode. ☆27 · Aug 14, 2018 · Updated 7 years ago
- A basic Terraform configuration for provisioning simple red team infrastructure in DigitalOcean ☆12 · May 5, 2021 · Updated 4 years ago
- Win32 PE Anti-RE and Anti-debugging Framework ☆13 · May 14, 2019 · Updated 6 years ago
- Fresh malware samples caught in the wild daily from random places. 🎣 ☆20 · Jun 27, 2019 · Updated 6 years ago
- Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windo… ☆231 · Mar 18, 2024 · Updated 2 years ago
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins ☆135 · Jan 6, 2019 · Updated 7 years ago
- DLL to use the power of Pafish ☆32 · Oct 5, 2021 · Updated 4 years ago
- Vagrant Files to create a Virtualbox VM for Malware Analysis ☆13 · Jun 1, 2021 · Updated 4 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p… ☆49 · Jun 21, 2022 · Updated 3 years ago
- Zerokit shared code ☆17 · Mar 28, 2019 · Updated 7 years ago
- An x86/64 library for detouring functions on Windows OS ☆51 · Jan 26, 2022 · Updated 4 years ago
- The Web UI for Antnium ☆27 · Jun 14, 2022 · Updated 3 years ago
- Collection of simple anti-debugging tricks for Linux ☆57 · Apr 10, 2018 · Updated 8 years ago
- ☆17 · Feb 4, 2020 · Updated 6 years ago
- Notebooks created to attack and secure Active Directory environments ☆27 · Nov 18, 2019 · Updated 6 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability ☆11 · Jun 12, 2019 · Updated 6 years ago
- execute a PE in the address space of another PE aka process hollowing ☆60 · Dec 2, 2021 · Updated 4 years ago
- Process injection via KernelCallbackTable ☆13 · Jan 28, 2022 · Updated 4 years ago
- ☆17 · Jul 26, 2018 · Updated 7 years ago
- Module-less injection project (VS2008) ☆11 · Jul 23, 2018 · Updated 7 years ago
- Serving files with conditions, serverside keying and more. ☆18 · May 26, 2022 · Updated 3 years ago
- Convert PE files to a shellcode ☆81 · May 7, 2020 · Updated 5 years ago
- A simple packer working with all PE files which ciphers your exe with a XOR implementation ☆15 · Aug 10, 2020 · Updated 5 years ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts ☆524 · Apr 23, 2026 · Updated last week