pafish

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

3409
463
C
pafish-logo

Pafish

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do.

The project is free and open source; the code of all the anti-analysis techniques is publicly available. Pafish executables for Windows (x86 32-bit and 64-bit) can be downloaded from the releases page.

pafish screenshot

Scope

The goal of this project is to collect techniques commonly observed in malware samples to evade analysis systems. This allows analysts to study them and test whether the analysis environments are properly implemented.

Building Pafish

Pafish is written in C and can be built with Mingw-w64 and make.

The wiki page “How to build” contains detailed instructions.

Author

Alberto Ortega and many awesome contributors.

License

GPL-3.0