{"id":25237027,"url":"https://github.com/CheckPointSW/InviZzzible","last_synced_at":"2025-10-26T12:30:32.519Z","repository":{"id":42451993,"uuid":"60847906","full_name":"CheckPointSW/InviZzzible","owner":"CheckPointSW","description":"InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them.","archived":false,"fork":false,"pushed_at":"2022-04-05T11:05:24.000Z","size":27912,"stargazers_count":545,"open_issues_count":1,"forks_count":78,"subscribers_count":36,"default_branch":"master","last_synced_at":"2025-02-09T21:08:13.755Z","etag":null,"topics":["evasion","malware","research"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CheckPointSW.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.txt","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-06-10T13:01:04.000Z","updated_at":"2025-02-07T12:00:57.000Z","dependencies_parsed_at":"2022-08-12T10:00:40.558Z","dependency_job_id":null,"html_url":"https://github.com/CheckPointSW/InviZzzible","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2FInviZzzible","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2FInviZzzible/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2FInviZzzible/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CheckPointSW%2FInviZzzible/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CheckPointSW","download_url":"https://codeload.github.com/CheckPointSW/InviZzzible/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238320397,"owners_count":19452541,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["evasion","malware","research"],"created_at":"2025-02-11T15:33:25.996Z","updated_at":"2025-10-26T12:30:28.528Z","avatar_url":"https://github.com/CheckPointSW.png","language":"C++","funding_links":[],"categories":[":wrench: Tools"],"sub_categories":["Media"],"readme":"# InviZzzible\n\nContributed By Check Point Software Technologies LTD.\u003cbr /\u003e\nProgrammed by Stanislav Skuratovich.\u003cbr /\u003e\nPresented at:\n- ShmooCon 2017 by Alexander Chailytko and Stanislav Skuratovich.\n- Virus Bulletin 2016 by Alexander Chailytko and Stanislav Skuratovich.\n\nSlides: https://github.com/CheckPointSW/InviZzzible/blob/master/conferences/Skuratovich_Chailytko-DefeatingSandboxEvasion.pdf\n\u003cbr /\u003e\nVideo: https://archive.org/details/ShmooCon2017/ShmooCon2017+-+Defeating+Sandbox+Evasion.mp4\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://github.com/CheckPointSW/InviZzzible/blob/master/logo.png\" width=\"150\"/\u003e\n\u003c/p\u003e\n\nOverview\n========\n\nInviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them. Also, you can add and expand existing techniques yourself even without modifying the source code.\n\n## Supported environments\n* Cuckoo Sandbox\n* Joe Sandbox\n* VMWare virtualization products\n* VirtualBox\n* Hyper-V\n* Parallels\n* QEMU\n* BOCHS\n* Xen\n* VirtualPC\n* Sandboxie\n* Wine\n\nFeatures\n========\n\n* Generic tool that covers a lot of different virtual environment detection techniques and proposes fixes for that.\n* Easily extendable; support for new virtual environments can be added quickly.\n* As Cuckoo Sandbox is the most prevalent tool used for automated malware analysis, we include the detections of it as well.\n* Ability to introduce new detection techniques not through modifying the source code, but using the JSON configuration files, so the whole community can contribute towards the development of that tool.\n* User-friendly reports about the checked environment that can be shared within the organization among the purely technical guys as well as higher management.\n\nConfigurations\n==============\n\nYou can build InviZzzible with a built-in set of default configurations to make it work without command line arguments.\nWe added two examples of build configurations for your convenience:\n* vmware\n* cuckoo vmware generic\n\nTo build InviZzzible with your own custom set of configurations, open Project Properties -\u003e Configuration Properties -\u003e \nBuild Events -\u003e Pre-Build Event, and change the list of evasion configuration names in the Command Line property after \n`python gen_default_data.py`. Example:\n```shell\npython gen_default_data.py generic vmware misc\n```\n\nYou can find the list of available configurations [here](config).\n\nCredits\n=======\n\n* Aliaksandr Trafimchuk\n* Alexey Bukhteyev\n* Raman Ladutska\n* Yaraslau Harakhavik\n* VMDE project\n* Pafish project\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCheckPointSW%2FInviZzzible","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FCheckPointSW%2FInviZzzible","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCheckPointSW%2FInviZzzible/lists"}