A summary about different projects/presentations/tools to test how to evade malware sandbox systems
☆55Dec 5, 2018Updated 7 years ago
Alternatives and similar repositories for awesome-sandbox-evasion
Users that are interested in awesome-sandbox-evasion are comparing it to the libraries listed below.
- A script that parses PowerView's output for GPO analysis. Integrated into bloodhound to find misconfigurations of URA, SMB signing etc☆15Feb 9, 2020Updated 6 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s…☆17Jul 12, 2022Updated 3 years ago
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆25Dec 8, 2021Updated 4 years ago
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆81Aug 7, 2024Updated last year
- An example of PE hollowing injection technique☆27Jun 28, 2019Updated 7 years ago
- WhiteRabbitTracker: Analyzing malware evasions with information flow tracking☆19Jul 25, 2021Updated 4 years ago
- C# Implementation of Get-VaultCredential☆14Jul 31, 2018Updated 7 years ago
- Spin up a reverse proxy quickly on Heroku☆15Dec 5, 2020Updated 5 years ago
- DarkRat source - beware untested source and resources.☆22Dec 7, 2019Updated 6 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆265Feb 7, 2019Updated 7 years ago
- Red Team C2 and Post Exploitation code☆36May 22, 2026Updated last month
- The Web Controller☆10Dec 4, 2019Updated 6 years ago
- Yara sort☆13Jun 16, 2026Updated 2 weeks ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…☆52May 31, 2018Updated 8 years ago
- A basic Terraform configuration for provisioning simple red team infrastructure in DigitalOcean☆12May 5, 2021Updated 5 years ago
- A simple ransomware defender. It uses a minifilter to filter "rewrite" and "delete" events in the kernel, and it handles events in user mode.☆27Aug 14, 2018Updated 7 years ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 7 years ago
- Fresh malware samples caught in the wild daily from random places. 🎣☆21Jun 27, 2019Updated 7 years ago
- Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windo…☆232Mar 18, 2024Updated 2 years ago
- Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins☆135Jan 6, 2019Updated 7 years ago
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 5 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Jun 21, 2022Updated 4 years ago
- Zerokit shared code☆18Mar 28, 2019Updated 7 years ago
- The Web UI for Antnium☆27Jun 14, 2022Updated 4 years ago
- Collection of simple anti-debugging tricks for Linux☆58Apr 10, 2018Updated 8 years ago
- Notebooks created to attack and secure Active Directory environments☆27Nov 18, 2019Updated 6 years ago
- A tool for enumerating and retrieving exposed git repositories to recover source trees from external environments. Can utilise File Inclu…☆24Aug 20, 2020Updated 5 years ago
- ☆17Feb 4, 2020Updated 6 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆11Jun 12, 2019Updated 7 years ago
- execute a PE in the address space of another PE aka process hollowing☆58Dec 2, 2021Updated 4 years ago
- Process injection via KernelCallbackTable☆14Jan 28, 2022Updated 4 years ago
- ☆17Jul 26, 2018Updated 7 years ago
- Module-less injection project, VS2008☆11Jul 23, 2018Updated 7 years ago
- Serving files with conditions, serverside keying and more.☆18May 26, 2022Updated 4 years ago
- Convert PE files to a shellcode☆83May 7, 2020Updated 6 years ago
- A simple packer working with all PE files which cipher your exe with a XOR implementation☆15Aug 10, 2020Updated 5 years ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts☆524May 19, 2026Updated last month
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text☆63Jun 17, 2026Updated 2 weeks ago
- Modify data structures in the Windows kernel, hiding processes by PID☆16Oct 29, 2017Updated 8 years ago