pafish
VM/SAE detector
A tool to detect virtual machines and malware analysis environments, using detection methods similar to those malware employs.
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do.
3k stars
176 watching
465 forks
Language: C
last commit: 8 months ago
Linked from 1 awesome list
Topics: analysis-environments, malware, malware-analysis, malware-families, malware-research, rdtsc, reverse-engineering, sandbox, virtual-machine
Related projects:
| Repository | Description | Stars |
|---|---|---|
| | An Office document designed to test and analyze malware detection systems | 278 |
| | A tool to create templates making VirtualBox VM detection harder | 717 |
| | Automates malware analysis on Windows VMs for research and testing purposes. | 1,036 |
| | Automated tool to detect errors in security monitoring and measure effectiveness of SIEM rules against various behaviors. | 53 |
| | Tool to analyze files during malware analysis and triage by extracting properties and detecting malicious indicators. | 77 |
| | Creates artificial artifacts to evade malware detection and analysis | 252 |
| | A large-scale dataset and codebase for training machine learning models to detect malicious software | 646 |
| | An executable file detector software that identifies packers, protectors, compilers, .NET obfuscators, and other types of malware or unwanted code. | 772 |
| | Analyzes malware by extracting and comparing system call dependencies to classify and detect malicious behavior | 101 |
| | A platform providing automated virtualization environments for security education and vulnerability testing | 188 |
| | An environment for building secure and isolated test automation frameworks for analyzing and testing malware | 816 |
| | Analyzes running processes to detect and dump malicious code | 2,047 |
| | A collection of resources and tools for detecting and preventing malicious activity on Windows systems. | 162 |
| | A real-time detection software for Windows process injections | 291 |
| | Detects and identifies suspicious PDB paths in malware files using Yara rules. | 37 |