Put sandbox detection to bed. Advanced sandbox detection and evasion for Golang.
SandMan is a set of advanced tools for detecting and evading malware analysis sandboxes. Based on the work of ColdFire and VM-Detection, SandMan combines and expands upon these detection methods into a full toolset for evading sandboxes.
In an effort to provide blue-team members with better resources, SandMan offers a transparent way to test the most effective detection and evasion techniques used by malware today. Additionally, those who build red-team tools will benefit from a fully self-contained evasion and detection module for attack simulations and pen-testing.
SandMan uses a variety of scoring methods to return a score that represents the likelihood that the OS is running as a VM.