1.7 Release

@kernelwernel kernelwernel released this 01 Aug 21:43
· 261 commits to main since this release
c95c55e
  • added better heuristic checks for Hyper-V host virtualisation

  • added argument handler improvements to the CLI

  • added VM type information to the CLI

  • added 4 new techniques:

    • VM::CPUID_SIGNATURE
    • VM::HYPERV_BITMASK
    • VM::KVM_BITMASK
    • VM::KGT_SIGNATURE
  • added 7 new VM brands:

    • Jailhouse
    • Apple VZ
    • Intel KGT (Trusty)
    • VMware Fusion
    • Microsoft Azure Hyper-V
    • Xbox NanoVisor (Hyper-V)
    • SimpleVisor
  • renamed VM brand "Thread Expert" to "ThreatExpert" (i fucked up)

  • renamed VM::HYPERV_CPUID technique to VM::CPUID_BITSET

  • removed VM::EXTREME settings flag

  • removed 2 techniques (both due to potential false positives):

    • VM::CPUID_SPACING
    • VM::CPUID_0X4