Skip to content

1.7 Release
Compare
Choose a tag to compare
@kernelwernel kernelwernel released this 01 Aug 21:43
· 212 commits to main since this release
v1.7
c95c55e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

  • added better heuristic checks for Hyper-V host virtualisation

  • added argument handler improvements to the CLI

  • added VM type information to the CLI

  • added 4 new techniques:

    • VM::CPUID_SIGNATURE
    • VM::HYPERV_BITMASK
    • VM::KVM_BITMASK
    • VM::KGT_SIGNATURE

  • added 7 new VM brands:

    • Jailhouse
    • Apple VZ
    • Intel KGT (Trusty)
    • VMware Fusion
    • Microsoft Azure Hyper-V
    • Xbox NanoVisor (Hyper-V)
    • SimpleVisor

  • renamed VM brand "Thread Expert" to "ThreatExpert" (i fucked up)

  • renamed VM::HYPERV_CPUID technique to VM::CPUID_BITSET

  • removed VM::EXTREME settings flag

  • removed 2 techniques (both due to potential false positives):

    • VM::CPUID_SPACING
    • VM::CPUID_0X4
Assets 8
Loading