Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.

Linux anti-debugging and anti-analysis rust library

Windows API Call Obfuscation

This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malwares that looks for VM or analysis tools

Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.

Script made in python to try to have as few detections as possible in Virustotal.

Some anti QEMU trick used by in-the-wild malware.

Create Anti-Copy DRM Malware

AndrODet: An Adaptive Android Obfuscation Detector

Lepton is a Lightweight ELF Parsing Tool that was designed specifically for analyzing and editing binaries with damaged or corrupted ELF headers.

Test for Anti-Debugging

Anti-Analysis technique, trick the debugger by Hiding events from it.

#seccamp 2014 CTF softsec (Reverse 400pt)

demo of common anti-analysis techniques used by malware

ESET CrackMe Analysis

XOR-encrypted shellcode injector for memory-based execution in remote processes, with integrated anti-analysis techniques.

Binary obfuscation, anti-reversing, anti-debugging and av-bypass framework for Windows

[Incomplete] Various .NET Anti-Debug and Anti-VM techniques