bRootForceOfficial/vbox_stealth: Bash script that spoofs hardware identifiers and some other things to better disguise a VirtualBox VM

Source: GitHub

Author: unknown

URL: https://github.com/bRootForceOfficial/vbox_stealth

ONE SENTENCE SUMMARY:

Bash scripts modify VirtualBox VMs to mimic real hardware, enhancing stealth and reducing detectability at both hypervisor and OS levels.

MAIN POINTS:

  1. Scripts customize VirtualBox VMs with realistic hardware identifiers to evade detection.
  2. vbox_stealth.sh configures stealth settings; undo.sh reverts changes.
  3. Best results are achieved by using the scripts together with VBoxCloak by Kyle Cucci.
  4. Requires a Bash environment on Windows, such as Git Bash or WSL.
  5. Presets include Dell, HP, Lenovo, and Asus for realistic configurations.
  6. Scripts modify BIOS, system vendor, product names, UUID, and disable VirtualBox indicators.
  7. After configuration, run VBoxCloak.ps1 to clean up OS artifacts.
  8. Additional steps: remove Guest Additions, disable shared features, and verify hardware settings.
  9. Detection remains possible because of VirtualBox architecture limitations.
  10. Scripts are educational, requiring compliance with laws and terms of service.

TAKEAWAYS:

  1. Enables VirtualBox VMs to appear as real hardware to guest OS.
  2. Requires Bash environment on Windows for script execution.
  3. Preset configurations facilitate realistic virtualization environments.
  4. Complements VBoxCloak to reduce software-level detectability.
  5. Backups are created automatically; the scripts are useful for educational and testing purposes only.
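
For the "verify hardware settings" step in main point 8, the following is an added example, not code from the vbox_stealth repository. It audits the output of `VBoxManage getextradata <vm> enumerate` for the BIOS and system DMI overrides named in main point 6. The DMI key names are taken from the VirtualBox manual; that the project sets exactly these keys is an assumption, and the sample input is constructed.

```bash
#!/usr/bin/env bash
# Audit DMI overrides in `VBoxManage getextradata <vm> enumerate` output.
# Key names come from the VirtualBox manual; that vbox_stealth.sh sets exactly
# these is an assumption. EFI guests use .../efi/0/Config instead of pcbios.
DMI_PREFIX='VBoxInternal/Devices/pcbios/0/Config'
DMI_KEYS='DmiBIOSVendor DmiBIOSVersion DmiSystemVendor DmiSystemProduct DmiSystemSerial DmiSystemUuid'

# Constructed sample of enumerate output: one default-looking value, no UUID.
sample_enumerate() {
  cat <<'EOF'
Key: GUI/LastCloseAction, Value: PowerOff
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor, Value: Dell Inc.
Key: VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVersion, Value: 1.2.3
Key: VBoxInternal/Devices/pcbios/0/Config/DmiSystemVendor, Value: Dell Inc.
Key: VBoxInternal/Devices/pcbios/0/Config/DmiSystemProduct, Value: VirtualBox
Key: VBoxInternal/Devices/pcbios/0/Config/DmiSystemSerial, Value: CONSTRUCTED-0001
EOF
}

# Reads enumerate output on stdin, prints one status line per key, and
# returns non-zero if any key is missing or its value still names VirtualBox.
audit_dmi() {
  local input key line value problems=0
  input=$(cat)
  for key in $DMI_KEYS; do
    # Fixed-string match on the full key so similar key names cannot collide.
    line=$(printf '%s\n' "$input" | grep -F "Key: $DMI_PREFIX/$key, Value: " | tail -n 1)
    if [ -z "$line" ]; then
      printf '%-8s %s\n' MISSING "$key"
      problems=$((problems + 1))
      continue
    fi
    value=${line#*, Value: }
    if printf '%s' "$value" | grep -Eqi 'virtualbox|vbox|innotek|oracle'; then
      printf '%-8s %s\n' DEFAULT "$key=$value"
      problems=$((problems + 1))
    else
      printf '%-8s %s\n' OK "$key=$value"
    fi
  done
  [ "$problems" -eq 0 ]
}

# Real use: VBoxManage getextradata "<vm name>" enumerate | audit_dmi
sample_enumerate | audit_dmi || true
```

A key reported as `MISSING` means the guest still sees VirtualBox's built-in DMI value for that field; this check covers only host-side configuration, not artifacts inside the guest OS.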