Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
-
Updated
Mar 18, 2024 - C++
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
Linux anti-debugging and anti-analysis rust library
This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malwares that looks for VM or analysis tools
Windows API Call Obfuscation
Script made in python to try to have as few detections as possible in Virustotal.
Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.
Lepton is a Lightweight ELF Parsing Tool that was designed specifically for analyzing and editing binaries with damaged or corrupted ELF headers.
AndrODet: An Adaptive Android Obfuscation Detector
Anti-Analysis technique, trick the debugger by Hiding events from it.
demo of common anti-analysis techniques used by malware
Some anti QEMU trick used by in-the-wild malware.
Prevents Analytics for Websites and Games
Binary obfuscation, anti-reversing, anti-debugging and av-bypass framework for Windows
FileRedirector
ESET CrackMe Analysis
#seccamp 2014 CTF softsec (Reverse 400pt)
Documentation including tools and techniques learned during development of ThirdEye.
Add a description, image, and links to the anti-analysis topic page so that developers can more easily learn about it.
To associate your repository with the anti-analysis topic, visit your repo's landing page and select "manage topics."