
tklengyel / Drakvuf

Licence: other
DRAKVUF Black-box Binary Analysis

Programming Languages

c
50402 projects - #5 most used programming language
introspection
24 projects

Projects that are alternatives of or similar to Drakvuf

See
Sandboxed Execution Environment
Stars: ✭ 770 (+22.61%)
Mutual labels:  malware-analysis, virtualization
vminspect
Tools for inspecting disk images
Stars: ✭ 25 (-96.02%)
Mutual labels:  virtualization, malware-analysis
Simpleator
Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
Stars: ✭ 260 (-58.6%)
Mutual labels:  malware-analysis, virtualization
Stringsifter
A machine learning tool that ranks strings based on their relevance for malware analysis.
Stars: ✭ 469 (-25.32%)
Mutual labels:  malware-analysis
Flare Emu
Stars: ✭ 487 (-22.45%)
Mutual labels:  malware-analysis
Libhermit Rs
libhermit-rs: A Rust-based library operating system
Stars: ✭ 558 (-11.15%)
Mutual labels:  virtualization
Virtlet
Kubernetes CRI implementation for running VM workloads
Stars: ✭ 620 (-1.27%)
Mutual labels:  virtualization
Includeos
A minimal, resource efficient unikernel for cloud services
Stars: ✭ 4,516 (+619.11%)
Mutual labels:  virtualization
Speakeasy
Windows kernel and user mode emulation.
Stars: ✭ 605 (-3.66%)
Mutual labels:  malware-analysis
Ops
ops - build and run nanos unikernels
Stars: ✭ 552 (-12.1%)
Mutual labels:  virtualization
Vagrant
Vagrant is a tool for building and distributing development environments.
Stars: ✭ 23,108 (+3579.62%)
Mutual labels:  virtualization
Whonix
Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. https://www.whonix.org
Stars: ✭ 490 (-21.97%)
Mutual labels:  virtualization
Malware Samples
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
Stars: ✭ 565 (-10.03%)
Mutual labels:  malware-analysis
Apklab
Android Reverse-Engineering Workbench for VS Code
Stars: ✭ 470 (-25.16%)
Mutual labels:  malware-analysis
Vic
vSphere Integrated Containers Engine is a container runtime for vSphere.
Stars: ✭ 607 (-3.34%)
Mutual labels:  virtualization
Linux.mirai
Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
Stars: ✭ 466 (-25.8%)
Mutual labels:  malware-analysis
Runtime
OCI (Open Containers Initiative) compatible runtime using Virtual Machines
Stars: ✭ 588 (-6.37%)
Mutual labels:  virtualization
Antivmdetection
Script to create templates to use with VirtualBox to make vm detection harder
Stars: ✭ 527 (-16.08%)
Mutual labels:  malware-analysis
Vm Bhyve
Shell based, minimal dependency bhyve manager
Stars: ✭ 507 (-19.27%)
Mutual labels:  virtualization
Nanos
A kernel designed to run one and only one application in a virtualized environment
Stars: ✭ 557 (-11.31%)
Mutual labels:  virtualization

DRAKVUF™

Introduction

DRAKVUF is a virtualization-based, agentless black-box binary analysis system. DRAKVUF allows for in-depth execution tracing of arbitrary binaries (including operating systems), all without having to install any special software within the virtual machine used for analysis.

Hardware requirements

DRAKVUF uses hardware virtualization extensions found in Intel CPUs. You will need an Intel CPU with virtualization support (VT-x) and with Extended Page Tables (EPT). DRAKVUF is not going to work on any other CPUs (such as AMD) or on Intel CPUs without the required virtualization extensions.

Supported guests

DRAKVUF currently supports:

  • Windows 7 - 8, both 32 and 64-bit
  • Windows 10 64-bit
  • Linux 2.6.x - 5.x, both 32-bit and 64-bit

Pre-built Debian packages

You can find pre-built Debian packages of the latest DRAKVUF builds at https://github.com/tklengyel/drakvuf-builds/releases

Malware analysis

DRAKVUF provides a perfect platform for stealthy malware analysis as its footprint is nearly undetectable from the malware's perspective. While DRAKVUF has been mainly developed with malware analysis in mind, it is certainly not limited to that task as it can be used to monitor the execution of arbitrary binaries.

Graphical frontend

If you would like a full-featured DRAKVUF GUI to set up as an automated analysis sandbox, check out the DRAKVUF Sandbox project.


More information can be found on the project website: https://drakvuf.com
