CheckPointSW / Invizzzible

Licence: gpl-3.0
InviZzzible is a tool for assessing your virtual environments easily and reliably. It contains the most recent detection and evasion techniques as well as fixes for them.

Projects that are alternatives of or similar to Invizzzible

Hacktheworld
A Python script for generating payloads that bypass all antivirus so far.
Stars: ✭ 527 (+96.64%)
Mutual labels:  malware, evasion
FIDL
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 421 (+57.09%)
Mutual labels:  research, malware
Green Hat Suite
Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.
Stars: ✭ 112 (-58.21%)
Mutual labels:  malware, evasion
Xeexe Topantivirusevasion
Undetectable & XOR encrypting with custom KEY (FUD Metasploit RAT), bypasses top antivirus like BitDefender, Malwarebytes, Avast, ESET-NOD32, AVG, ... & automatically adds ICON and MANIFEST to the executable
Stars: ✭ 387 (+44.4%)
Mutual labels:  malware, evasion
cerberus research
Research tools for analysing Cerberus banking trojan.
Stars: ✭ 110 (-58.96%)
Mutual labels:  research, malware
Fidl
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (+19.03%)
Mutual labels:  research, malware
Android unpacker
A (hopefully) generic unpacker for packed Android apps.
Stars: ✭ 320 (+19.4%)
Mutual labels:  research, malware
unprotect
Unprotect is a Python tool for parsing PE malware and extracting evasion techniques.
Stars: ✭ 75 (-72.01%)
Mutual labels:  malware, evasion
showstopper
ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.
Stars: ✭ 132 (-50.75%)
Mutual labels:  research, malware
JustEvadeBro
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
Stars: ✭ 63 (-76.49%)
Mutual labels:  malware, evasion
Anti-Debug-DB
Anti-Debug encyclopedia contains methods used by malware to verify whether it is being executed under a debugger. It includes descriptions of various anti-debug tricks, their implementations, and recommendations on how to mitigate each trick.
Stars: ✭ 20 (-92.54%)
Mutual labels:  research, malware
MsfMania
Python AV Evasion Tools
Stars: ✭ 388 (+44.78%)
Mutual labels:  malware, evasion
Whitecomet-Research
Research on malware creation and protection
Stars: ✭ 62 (-76.87%)
Mutual labels:  research, malware
M-Botnet
A C2 project that controls a self-propagating MS17-010 worm.
Stars: ✭ 39 (-85.45%)
Mutual labels:  malware
Pymeasure
Scientific measurement library for instruments, experiments, and live-plotting
Stars: ✭ 255 (-4.85%)
Mutual labels:  research
Yobi
Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-85.45%)
Mutual labels:  malware
Open-source-tools-for-CTI
Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (-66.04%)
Mutual labels:  malware
Mquery
YARA malware query accelerator (web frontend)
Stars: ✭ 264 (-1.49%)
Mutual labels:  malware
Community
Volatility plugins developed and maintained by the community
Stars: ✭ 252 (-5.97%)
Mutual labels:  malware
gff3toembl
Converts Prokka GFF3 files to EMBL files for uploading annotated assemblies to EBI
Stars: ✭ 27 (-89.93%)
Mutual labels:  research

InviZzzible

Contributed By Check Point Software Technologies LTD.
Programmed by Stanislav Skuratovich.
Presented at:

  • ShmooCon 2017 by Alexander Chailytko and Stanislav Skuratovich.
  • Virus Bulletin 2016 by Alexander Chailytko and Stanislav Skuratovich.

Slides: https://github.com/CheckPointSW/InviZzzible/blob/master/conferences/Skuratovich_Chailytko-DefeatingSandboxEvasion.pdf
Video: https://archive.org/details/ShmooCon2017/ShmooCon2017+-+Defeating+Sandbox+Evasion.mp4

Overview

InviZzzible is a tool for assessing your virtual environments easily and reliably. It contains the most recent detection and evasion techniques as well as fixes for them. You can also add and extend techniques yourself without modifying the source code.

Supported environments

  • Cuckoo Sandbox
  • Joe Sandbox
  • VMware virtualization products
  • VirtualBox
  • Hyper-V
  • Parallels
  • QEMU
  • BOCHS
  • Xen
  • VirtualPC
  • Sandboxie
  • Wine

Features

  • Generic tool that covers many different virtual environment detection techniques and proposes fixes for them.
  • Easily extendable; support for new virtual environments can be added quickly.
  • As Cuckoo Sandbox is the most prevalent tool used for automated malware analysis, detections for it are included as well.
  • New detection techniques can be introduced through JSON configuration files rather than by modifying the source code, so the whole community can contribute to the development of the tool.
  • User-friendly reports about the checked environment that can be shared within the organization, among the purely technical guys as well as higher management.

Credits

  • Aliaksandr Trafimchuk
  • Alexey Bukhteyev
  • Raman Ladutska
  • Yaraslau Harakhavik
  • VMDE project
  • Pafish project