Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Updated Oct 6, 2024 - C++
Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Code samples, signature recommendations and countermeasures for the described techniques are also provided within each category.
Sandbox evasion code snippets developed in Golang
I completely russified and modified njrat and added an interface. I am not criminally responsible for what you do with my program.
Sandbox/Heuristic PowerShell Bypass
The RDP-Stealer is C++ malware that targets Remote Desktop Protocol (RDP) processes. It acts as a keystroke logger, capturing credentials provided by users in RDP and sending back encrypted data to a C2 server.
A tool for stealth persistence and bypassing security controls on Windows systems through shadow cache manipulation and direct syscall invocation.
A Python tool to detect sandbox environments by monitoring user input through Windows API calls. Ideal for researchers and security enthusiasts.