pafish
al-khaser
Our great sponsors
pafish | al-khaser | |
---|---|---|
17 | 5 | |
2,996 | 5,521 | |
- | - | |
5.5 | 5.7 | |
over 2 years ago | about 1 month ago | |
C | C++ | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pafish
-
Is there still a way to counter virtual machine detection by popular anti cheat?
Pafish is what you asking for, but as u/ForceBlade wrote, you cannot win this game.
-
How to play rainbow 6 siege?
You can do it however that requires extensive Research. There are Things such as https://github.com/a0rtega/pafish That Help you get the First detection vectors sorted. However hate to say it but youll be better off actually coding a "Cheat" that Patches the vm Checks the Game does in Order to Play.
-
Makes perfect sense
Yes. For example: https://github.com/a0rtega/pafish
-
I came again to bother you guys
You can check what thing are detected by using -> https://github.com/a0rtega/pafish Normally VM Exit and Virtual Input devices are detected. But it still works for 99% of the games.
-
Error on BattlEye when getting into bus
I have been working on obfuscating my vm, the results are mixed... A good start is to use paranoid fish , tools gives you an idea how it detects vm's :)
-
VMware Shared Folders
So I suppose that it depends on the malware. Some malware doesn't want to take the chance of being reverse engineered, so when it's aware that it is in a virtual machine, it might shut down. pafish has functionality for working out whether-or-not it is running in a VMware instance.
-
VFIO current status with anti cheats?
Last time when I tried to run Valorant just BSoD the VM Everything else works (EAC, BE, Ricochet, etc...). You can test if your VM can be detected using this tool.
- Virtualization hypervisors what the heck...
-
Gaming VM under nested virtualization
Does soft as pafish https://github.com/a0rtega/pafish will detect RDTSC VM exit on wraped WinVM?
-
Does Windows think I'm running on VM? Not sure where to look.
You can use pafish to test vm detection methods. https://github.com/a0rtega/pafish
al-khaser
- My neat little internal CS:GO cheat project for Linux
- Virtualization hypervisors what the heck...
-
[Paid] Seeking RE Help.
Have you tried the normal VM modifications to make the VM undetectable? Like changing the CPUID identifier and all the other stuff? Also, check this resource, maybe you find something that looks familiar: https://github.com/LordNoteworthy/al-khaser . Here you can check if your VM is “authentic” enough. Hope that helps! Good luck!
-
Security research homelab, made with <3
To avoid detection of something like a cuckoo I would use https://github.com/nsmfoo/antivmdetection and test it with https://github.com/therealdreg/anticuckoo and https://github.com/LordNoteworthy/al-khaser
-
VM Detection Tricks, Part 2: Driver Thread Fingerprinting
Check out al-khaser on GitHub for a tool that implements dozens of VM detection tricks.
What are some alternatives?
VmwareHardenedLoader - Vmware Hardened VM detection mitigation loader (anti anti-vm)
inside-vm - Detect if code is running inside a virtual machine (x86 and x86-64 only).
RDTSC-KVM-Handler - my patches for linux kernel to spoof rdtsc and make vm exit undetected
antivmdetection - Script to create templates to use with VirtualBox to make vm detection harder
opencanary - Modular and decentralised honeypot
VMDE - Source from VMDE paper, adapted to 2015
UBoat - HTTP Botnet
Reverse-Engineering-Tutorial - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Orca - Orca is an Advanced Malware with multifeatures written in C/C++ , work on all windows versions !
cuckoo-modified - Modified edition of cuckoo
ddoor - DDoor - cross platform backdoor using dns txt records