Repository navigation
anti-sandbox
- Website
- Wikipedia
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
A tool to detect and crash Cuckoo Sandbox
.NET Project containing plenty of advanced techniques to detect various types of malicious actions on your software, with syscall support.
This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malwares that looks for VM or analysis tools
Detects virtual machines and malware analysis environments
Detect virtual environment
A Malware Scarecrow for Windows 10/11 with a user-friendly touch.
Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package.
Some anti QEMU trick used by in-the-wild malware.
Binary obfuscation, anti-reversing, anti-debugging and av-bypass framework for Windows
Some anti-sandbox techniques implemented in Golang.
Apate performs anti-debugging, anti-VM and anti-sandbox tests, to see if your linux system is able to stay under the radar.
A pintool for protecting a sandbox application of common anti-virtualmachine and anti-sandbox detection techniques
This repository contains the c# code which is using latest persistence technique and multiple anti-vm, anti-sandboxes techniques. Creating persistence by using WindowsApps folder, schtasks, powershell cmdlet (Get-Variable).
Effective cloud sandbox detection from ring 3
#seccamp 2014 CTF softsec (Reverse 400pt)
OnyDetect is a lightweight, cross-platform library designed to detect virtual machines (VMs) and sandboxes by leveraging multiple detection techniques. It helps identify whether the program is running in a monitored environment, which can be useful for security, malware analysis, and anti-analysis mechanisms.
Attempts to trick malware using techniques from NavyTitanium/Fake-Sandbox-Artifacts