Skip to content

Commit 6f303c2

Browse files
ShellCode33ShellCode33
committed
Add README
1 parent 6b39a1c commit 6f303c2

1 file changed

Lines changed: 20 additions & 0 deletions

File tree

README.md

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
# VM Detection
2+
3+
This project is a Go implementation of well-known techniques trying to detect if the program is being run in a virtual machine.
4+
5+
Why doing this in Go ? Because there are many C programs already doing this, but none written in pure Go.
6+
7+
## GNU/Linux techniques
8+
9+
- Look for known strings in the DMI table (/dev/mem)
10+
- Look for hints in the kernel ring buffer (/dev/kmsg)
11+
- Look for virtual chassis in systemd configuration
12+
13+
## Windows techniques
14+
15+
Coming soon...
16+
17+
## Resources
18+
19+
![systemd-detect-virt source code](https://github.com/systemd/systemd/blob/master/src/basic/virt.c)
20+
![Malware evasion techniques](https://www.deepinstinct.com/2019/10/29/malware-evasion-techniques-part-2-anti-vm-blog/)

0 commit comments

Comments
 (0)