/DeViL

It is demonstration tool that contains collection techniques to detect the virtualisation environment in Linux Operating System.

Primary LanguagePythonGNU General Public License v2.0GPL-2.0

DeViL

Detect Virtual Machine in Linux

DeViL (Detect Virtual Machine in Linux) is a demonstration tool that employs several techniques to analyse the environment the same way a Linux malware would to detect if it is a virtual machine. The tool is built on File based and Instruction based Anti-VM techniques. It is implemented in python and C. The tool helps us show how the current VM configuration exposes itself to a malware without running any malicious software on it. Small write up is available here https://sreelakshmip.wordpress.com/2018/03/20/devil-detect-virtual-machine-in-linux/

USAGE:

$ ./DeViL.sh

SCREENSHOTS:

alt text alt text alt text

AUTHOR

Sreelakshmi (@srlkhmi)(https://twitter.com/#!/srlkhmi)