Home

Awesome

InviZzzible

Contributed By Check Point Software Technologies LTD.<br /> Programmed by Stanislav Skuratovich.<br /> Presented at:

Slides: https://github.com/CheckPointSW/InviZzzible/blob/master/conferences/Skuratovich_Chailytko-DefeatingSandboxEvasion.pdf <br /> Video: https://archive.org/details/ShmooCon2017/ShmooCon2017+-+Defeating+Sandbox+Evasion.mp4

<p align="center"> <img src="https://github.com/CheckPointSW/InviZzzible/blob/master/logo.png" width="150"/> </p>

Overview

InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date detection and evasion techniques as well as fixes for them. Also, you can add and expand existing techniques yourself even without modifying the source code.

Supported environments

Features

Configurations

You can build InviZzzible with a built-in set of default configurations to make it work without command line arguments. We added two examples of build configurations for your convenience:

To build InviZzzible with your own custom set of configurations, open Project Properties -> Configuration Properties -> Build Events -> Pre-Build Event, and change the list of evasion configuration names in the Command Line property after python gen_default_data.py. Example:

python gen_default_data.py generic vmware misc

You can find the list of available configurations here.

Credits