Repository navigation
anti-analysis
- Website
- Wikipedia
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
Linux anti-debugging and anti-analysis rust library
This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malwares that looks for VM or analysis tools
Script made in python to try to have as few detections as possible in Virustotal.
Windows API Call Obfuscation
Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.
Lepton is a Lightweight ELF Parsing Tool that was designed specifically for analyzing and editing binaries with damaged or corrupted ELF headers.
AndrODet: An Adaptive Android Obfuscation Detector
Anti-Analysis technique, trick the debugger by Hiding events from it.
High performance anti-analysis header for Windows (Kernel & User) and Linux systems
The Kill-The-Code Python Program provides a robust mechanism for remotely controlling code execution by monitoring a specified URL for a kill signal. This script periodically checks the content of a file hosted at the provided URL and executes or halts execution based on the response. It also includes functionality for self-destruction.
demo of common anti-analysis techniques used by malware
Some anti QEMU trick used by in-the-wild malware.
Prevents Analytics for Websites and Games
Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique