Invisible to the target. Faithful to the operator.
Red team infrastructure that can't be fingerprinted. Malware analysis that sees ground-truth behavior.
x86-64 hypervisor. Zero dependencies. Designed to eliminate common VM artifacts across CPU, firmware, and device surfaces.
Your operational infrastructure runs on hardware that doesn't exist.
Every relay, staging box, and attack platform runs as an ONYX guest with a hardware identity you control: the MAC on the wire, the SMBIOS serials, the CPUID results, the BIOS strings. Pick a target-matched profile or generate a new one per session.
Your attack platform presents as a Dell OptiPlex on the wire.
C2 relays, staging boxes, and attack platforms all run as ONYX guests with the hardware identity you choose. The MAC matches a Dell OUI. DHCP fingerprinting sees a standard Windows workstation. EDR agents running inside report bare-metal hardware to their cloud consoles. NAC that checks MAC and OS fingerprint lets you on.
Nothing crosses between operations.
Each engagement runs in its own ONYX instance with its own hardware identity, OS install, and persistent disk. If one gets burned and analyzed, no artifact in it connects to any other operation. Isolation is a property of the architecture, not a procedure someone has to follow.
Swap the vendor profile. Boot the same disk. Everything changes except your work.
SOC flags a machine matching a specific fingerprint. Shut down, swap the profile, reboot. Different CPUID, SMBIOS serials, MAC, BIOS strings. The IOCs they just pushed match nothing. Your tooling and staging are where you left them.
Your tools refuse to run in VMs. They run on ONYX.
Hardware-locked licensing, anti-sandbox implants, exploit code that checks the environment before firing. ONYX passes every probe they throw. The entire toolkit runs in a VM none of it can detect.
Snapshot before the risky move. Roll back if it burns. Resume if it doesn't.
Persistent sparse disk images keep your OS, tools, configs, and collected data across sessions. Snapshot, attempt, restore if needed. The identity rotates but the operational state carries forward.
Clone the target's hardware profile. Install their EDR. Run the kill chain.
Match the target's OS build and security stack on an ONYX instance. See what gets caught and where the gaps are. By the time you touch the real network, you've already done the operation.
All capabilities designed for authorized red team engagements, adversary simulation, and security research.
Bare-metal deployment. Coming next.
Type-1 operates from VMX root on live hardware. No separate VM. No reboot. The same identity synthesis engine, running underneath the OS instead of around it.
Load underneath a running OS. No reboot. No driver signature.
Type-1 enters VMX root on a live system. The OS continues as a guest. Your code runs below the kernel, below the EDR, below Hyper-V. EPT-hidden memory gives you a storage layer the guest cannot address.
VBS protects secrets from the kernel. You're not the kernel.
Credential Guard isolates LSASS in VTL1, walled off by Hyper-V's EPT. ONYX Type-1 nests underneath Hyper-V with VMCS12 shadowing. EPT composition walks Hyper-V's own page tables from VMX root.
The detection surface is everywhere
Every major hypervisor leaks identity through hardware interfaces that malware routinely checks.
Leaf 0x1: hypervisor present bit. Leaf 0x40000000: vendor string.
VMware, VirtualBox, Hyper-V all self-identify
Synthetic MSRs in the 0x40000000 range (Hyper-V's HV_X64_MSR_GUEST_OS_ID and friends) answer only under a hypervisor; bare metal raises #GP on them. VMX capability MSRs such as IA32_VMX_PROCBASED_CTLS2 have to agree with CPUID.1:ECX.VMX: a guest that hides VMX but still answers them, or advertises VMX but faults on them, stands out.
VMs leak MSR values that bare metal never surfaces
RDTSC before and after CPUID. VMs add exit latency that bare metal never shows.
Statistical detection with enough samples
Type 1: System manufacturer. 'QEMU', 'VirtualBox', 'VMware' in plaintext.
dmidecode shows it immediately
1234:1111 is Bochs VGA. 8086:7010 is PIIX3 IDE. Neither is real hardware.
lspci is a one-line detection
RSDT OEM ID: 'BOCHS', 'VBOX'. Creator: 'BXPC'.
acpidump reveals the origin
Patching one surface doesn't help.
Malware checks all of them.
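The CPUID and RDTSC probes listed above, written out as an added example (this is not ONYX code and not a program from the page). The decode and statistics helpers take raw register values and sample arrays, so they can be exercised with constructed input on any host; the live probes only compile on x86. The 300-cycle threshold and the bare-metal cost figures in the comments are assumptions to recalibrate per CPU, not values from the page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#include <x86intrin.h>
#define HAVE_X86 1
#else
#define HAVE_X86 0
#endif

/* CPUID.1:ECX bit 31: reserved (0) on bare metal, set by every mainstream
   hypervisor that follows the Intel/AMD "hypervisor present" convention. */
int hv_present_bit(uint32_t ecx) { return (int)((ecx >> 31) & 1u); }

/* CPUID.1:EAX decode. Returns display family in bits 16..23, display model in
   bits 8..15, stepping in bits 0..3. You need this before judging whether
   leaves 0x02/0x04/0x06/0x0B are plausible for the CPU leaf 1 claims. */
uint32_t cpu_signature(uint32_t eax) {
    uint32_t base_fam = (eax >> 8) & 0xF, fam = base_fam, mod = (eax >> 4) & 0xF;
    if (base_fam == 0xF) fam += (eax >> 20) & 0xFF;                  /* extended family */
    if (base_fam == 0x6 || base_fam == 0xF) mod |= ((eax >> 16) & 0xF) << 4; /* ext model */
    return (fam << 16) | (mod << 8) | (eax & 0xF);
}

/* CPUID.0x40000000 vendor signature: 12 ASCII bytes in EBX, ECX, EDX.
   Caveat: bare metal does not return zeros here on Intel (it echoes the
   highest basic leaf); AMD returns zeros. An unknown/empty signature is a
   weak negative, a known one is a strong positive. */
const char *hv_vendor(uint32_t ebx, uint32_t ecx, uint32_t edx) {
    static char sig[13];
    uint32_t regs[3] = { ebx, ecx, edx };
    for (int r = 0; r < 3; r++)
        for (int i = 0; i < 4; i++) sig[r * 4 + i] = (char)((regs[r] >> (8 * i)) & 0xFF);
    sig[12] = '\0';
    if (!strncmp(sig, "VMwareVMware", 12)) return "VMware";
    if (!strncmp(sig, "KVMKVMKVM", 9))     return "KVM";
    if (!strncmp(sig, "Microsoft Hv", 12)) return "Hyper-V";
    if (!strncmp(sig, "VBoxVBoxVBox", 12)) return "VirtualBox";
    if (!strncmp(sig, "XenVMMXenVMM", 12)) return "Xen";
    if (!strncmp(sig, "TCGTCGTCGTCG", 12)) return "QEMU (TCG)";
    return "none/unknown";
}

/* RDTSC-around-CPUID deltas. Two features matter: a mean far above the
   bare-metal cost of CPUID, and a suspiciously low spread (the flat,
   constant exit overhead the page describes). */
double timing_mean(const uint64_t *d, size_t n) {
    double s = 0;
    for (size_t i = 0; i < n; i++) s += (double)d[i];
    return s / (double)n;
}
double timing_variance(const uint64_t *d, size_t n) {
    double m = timing_mean(d, n), v = 0;
    for (size_t i = 0; i < n; i++) { double x = (double)d[i] - m; v += x * x; }
    return v / (double)n;
}
/* Assumed threshold: recent bare metal executes CPUID in roughly 100-200
   cycles; VM exits push it well past that. Recalibrate per machine. */
#define VM_CPUID_CYCLES 300.0
int timing_looks_virtual(const uint64_t *d, size_t n) {
    return timing_mean(d, n) > VM_CPUID_CYCLES;
}

int main(void) {
#if HAVE_X86
    unsigned a, b, c, d;
    __cpuid(1, a, b, c, d);
    uint32_t sig = cpu_signature(a);
    printf("family %02Xh model %02Xh stepping %u, hypervisor bit %d\n",
           sig >> 16, (sig >> 8) & 0xFF, sig & 0xF, hv_present_bit(c));
    __cpuid(0x40000000, a, b, c, d);
    printf("leaf 0x40000000 vendor: %s\n", hv_vendor(b, c, d));
    enum { N = 100 };                       /* the page's "100 samples" */
    uint64_t delta[N];
    for (int i = 0; i < N; i++) {
        uint64_t t0 = __rdtsc();
        __cpuid(0, a, b, c, d);             /* serializing; forces a VM exit */
        delta[i] = __rdtsc() - t0;
    }
    printf("CPUID cost: mean %.0f cycles, variance %.0f -> %s\n",
           timing_mean(delta, N), timing_variance(delta, N),
           timing_looks_virtual(delta, N) ? "VM-like" : "bare-metal-like");
#else
    puts("not x86: live probes skipped, decode helpers still usable");
#endif
    return 0;
}
```

Run it on a known-good laptop first and note the mean and variance; the threshold that separates your fleet's bare metal from your lab VMs is the number that matters, not the constant above.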
Indistinguishable from real hardware
CPUID, RDTSC, IDT, LDT, GDT, I/O ports
32 checks: CPU, memory, registry, timing, devices, drivers
80+ checks: Kernel-level hypervisor detection
18 checks: SIDT/SGDT descriptor table displacement
6 checks: VMware/VirtualBox backdoor ports
12 checks: Statistical timing, sample pairs
1K+ checks
A perfectly clean profile would itself be a signal. ONYX produces results consistent with real hardware, including the kind of minor variance bare-metal systems exhibit.
Full results available under NDA.
From-scratch x86-64 hypervisor.
Zero dependencies. Every surface controlled.
Stealth VM
Windows userspace. Boots any x86 OS from ISO.
- Windows 11 UEFI boot with TPM 2.0 + Secure Boot
- 30+ CPUID leaves intercepted and synthesized
- 75+ MSRs with vendor-correct responses
- Per-session randomized hardware fingerprint
- Intel Skylake through Raptor Lake profiles
- AMD Zen through Zen 4 profiles
- 8 OEM vendor profiles (Dell, HP, Lenovo, ASUS, MSI, Gigabyte, ASRock, Acer)
- UEFI + Legacy BIOS boot
- E1000 NIC with NAT networking
- Persistent NTFS sparse disk images
Bare-Metal
Raw VMX/EPT from ring 0. Slides under a running OS without reboot.
- Direct VMLAUNCH/VMRESUME from ring 0
- EPT identity map with 4KB granularity
- Hypervisor memory hidden via EPT permission bits
- MTF single-step for transparent page unhide
- Per-vCPU EPT clones (no cross-CPU races)
- Hardware TSC_OFFSET for timing stealth
- VM exit latency subtracted from guest TSC
- Nested VMX with VMCS12 shadowing
- VTL extraction behind Credential Guard
- PAL: Linux, Windows, UEFI targets
Internally consistent across all surfaces per session. No two boots produce the same identity.
Zero external dependencies
No QEMU. No libvirt. No virtio. No third-party libraries. Each target links against its host OS APIs and nothing else. Every hardware surface is under direct control. No transitive trust. No dependency updates that change behavior under you. The binary you audit is the binary that runs.
You can't patch your way to invisible
Every surface has to be correct. And every surface has to be consistent with every other surface. Changing one string in one config file leaves dozens of correlated signals untouched.
Clear the hypervisor bit. Maybe spoof the vendor string.
Leaf 0x02 cache descriptors don't match the CPU you claimed in leaf 0x01. Leaf 0x06 thermal bits are wrong for that generation. Topology in 0x0B is missing. 0x40000000 still answers with a signature instead of behaving like the profiled silicon (zeros on AMD; on Intel, the data of the highest basic leaf).
30+ leaves synthesized per CPU profile. Cache descriptors, thermal management, topology, extended features all match the specific stepping. Hypervisor range returns zeros. Feature bits built from scratch, not masked from the host.
Hide VMX MSRs. Return zeros for the rest.
IA32_ARCH_CAPABILITIES has the wrong bits for Coffee Lake vs Skylake. IA32_THERM_STATUS (0x19C) returns a constant instead of drifting. MPERF/APERF are zero instead of tracking wall time. IA32_PLATFORM_INFO doesn't match the brand string frequency.
75+ MSRs with generation-specific values. Thermal readings drift with Knuth hash. MPERF/APERF increment proportional to elapsed TSC. Platform info, turbo ratios, microcode version, arch capabilities all match the profiled CPU.
Change the manufacturer string from 'QEMU' to 'Dell'.
UUID format is wrong. DIMM configuration is missing. No port connectors, no voltage probes, no cooling devices. 5 structures instead of 42. Chassis type doesn't match the product name. Board serial is empty.
42+ SMBIOS structure types. DIMMs sum to actual RAM with speed capped to CPU max. Sensor probes with randomized baselines. Port connectors, PCI slots, language info. Everything matches the vendor profile.
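The SMBIOS check from the detection list ("Type 1: System manufacturer") and the structure-count tell above, as an added example that is not ONYX code: a minimal table walker that does what dmidecode does for Type 1, plus a vendor-string match. The table bytes are constructed by build_table (a SMBIOS 2.4-layout Type 1 followed by a Type 127 End-of-Table), so the example runs offline; the product, version and serial strings it writes are placeholders, not values from any real firmware.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Size of one structure: header + formatted area (s[1] = length) followed by
   a string-set terminated by a double NUL. An empty set is just "\0\0". */
static size_t smbios_struct_size(const uint8_t *s, size_t max) {
    size_t i = s[1];
    while (i + 1 < max && !(s[i] == 0 && s[i + 1] == 0)) i++;
    return i + 2;
}

/* String number idx (1-based) from the structure's string-set; 0 = none. */
static const char *smbios_string(const uint8_t *s, size_t max, unsigned idx) {
    const char *p = (const char *)s + s[1], *end = (const char *)s + max;
    if (idx == 0) return "";
    for (unsigned i = 1; p < end && *p != '\0'; i++) {
        if (i == idx) return p;
        while (p < end && *p != '\0') p++;   /* skip to this string's NUL */
        p++;
    }
    return "";
}

/* First structure of the given type, or NULL. Type 127 is End-of-Table. */
static const uint8_t *smbios_find(const uint8_t *tbl, size_t len, uint8_t type) {
    for (size_t off = 0; off + 4 <= len; ) {
        const uint8_t *s = tbl + off;
        if (s[0] == type) return s;
        if (s[0] == 127) break;
        off += smbios_struct_size(s, len - off);
    }
    return NULL;
}

/* Structure count: the "5 structures instead of 42" tell. */
int smbios_struct_count(const uint8_t *tbl, size_t len) {
    int n = 0;
    for (size_t off = 0; off + 4 <= len; ) {
        const uint8_t *s = tbl + off;
        n++;
        if (s[0] == 127) break;
        off += smbios_struct_size(s, len - off);
    }
    return n;
}

/* Type 1 (System Information): byte 4 is the manufacturer string index. */
const char *smbios_manufacturer(const uint8_t *tbl, size_t len) {
    const uint8_t *t1 = smbios_find(tbl, len, 1);
    if (!t1 || t1[1] < 8) return "";
    return smbios_string(t1, len - (size_t)(t1 - tbl), t1[4]);
}

/* Manufacturer strings the common VM checks match on. "Microsoft Corporation"
   is deliberately absent: real Surface hardware reports it too. */
int manufacturer_is_vm(const char *m) {
    static const char *const vm[] = { "QEMU", "VMware, Inc.", "innotek GmbH", "Xen" };
    for (size_t i = 0; i < sizeof vm / sizeof vm[0]; i++)
        if (strcmp(m, vm[i]) == 0) return 1;
    return 0;
}

/* Constructed table: one Type 1 (length 0x1B) whose strings 1..4 are
   manufacturer, product, version, serial, then a Type 127. Returns bytes
   written, 0 if the buffer is too small. */
size_t build_table(uint8_t *buf, size_t cap, const char *manuf, const char *product) {
    const char *strs[4] = { manuf, product, "1.0", "SN-0000" };   /* placeholders */
    const uint8_t eot[6] = { 127, 4, 0x02, 0x01, 0, 0 };           /* End-of-Table */
    size_t need = 27 + 1 + sizeof eot, off = 27;
    for (int i = 0; i < 4; i++) need += strlen(strs[i]) + 1;
    if (cap < need) return 0;
    memset(buf, 0, 27);                                 /* UUID left all-zero */
    buf[0] = 1; buf[1] = 0x1B; buf[2] = 0x00; buf[3] = 0x01;  /* type, length, handle */
    buf[4] = 1; buf[5] = 2; buf[6] = 3; buf[7] = 4;            /* string indexes */
    buf[24] = 6;                                               /* wake-up: power switch */
    for (int i = 0; i < 4; i++) {
        size_t l = strlen(strs[i]) + 1;
        memcpy(buf + off, strs[i], l); off += l;
    }
    buf[off++] = 0;                                            /* end of string-set */
    memcpy(buf + off, eot, sizeof eot);
    return off + sizeof eot;
}

/* Build + parse in one call so the verdict is easy to check. */
int demo_is_vm(const char *manuf, const char *product) {
    uint8_t tbl[256];
    size_t len = build_table(tbl, sizeof tbl, manuf, product);
    return len ? manufacturer_is_vm(smbios_manufacturer(tbl, len)) : -1;
}
int demo_struct_count(const char *manuf, const char *product) {
    uint8_t tbl[256];
    size_t len = build_table(tbl, sizeof tbl, manuf, product);
    return len ? smbios_struct_count(tbl, len) : -1;
}

int main(void) {
    const char *cases[2][2] = { { "QEMU", "Standard PC" }, { "Dell Inc.", "OptiPlex 7090" } };
    for (int i = 0; i < 2; i++)
        printf("%-10s -> vm=%d, %d structures\n", cases[i][0],
               demo_is_vm(cases[i][0], cases[i][1]), demo_struct_count(cases[i][0], cases[i][1]));
    return 0;
}
```

To run the same parser on real firmware, feed it the raw table: /sys/firmware/dmi/tables/DMI on Linux, or the bytes from GetSystemFirmwareTable with provider 'RSMB' on Windows (skipping that API's 8-byte RawSMBIOSData header). A real Dell table will have dozens of structures; a stock VM table has a handful, which is the tell the manufacturer string alone does not fix.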
Spoof the VGA device ID.
Host bridge is still i440FX (0x1237) from 1996. ISA bridge is PIIX3. SMBus, HD Audio, USB controllers are missing. Subsystem vendor IDs are zeros. The bus looks like 3 devices instead of 12.
Full PCI bus: host bridge, ISA, VGA, IDE/SATA, SMBus, audio, USB, NIC. All device IDs from the profiled chipset generation. Per-device subsystem IDs from real OEMs. Revision numbers. Capability structures.
Apply a TSC offset.
VM exit overhead adds 500-2000 cycles to CPUID. It's flat and constant. Real hardware has per-leaf variance with occasional cache miss spikes. 100 samples is enough to build a statistical classifier.
Per-operation Gaussian jitter via CLT. Per-leaf CPUID timing calibrated to bare-metal baselines. Per-port I/O timing. Cache miss spike simulation with randomized probability. Per-session randomized distributions.
Change the OEM ID from 'BOCHS' to something else.
Creator ID still says 'BXPC'. DSDT has no device tree. No thermal zones, no sleep button, no embedded controller. The FADT points to a minimal FACS. OEM revision is 0 instead of a plausible date.
Full DSDT with PWRB, SLPB, RTC0, HPET, keyboard, mouse, thermal zones, sleep states. Creator ID matches BIOS vendor (AMI uses INTL, Dell uses DELL). OEM revision encoded from randomized BIOS date.
This isn't one clever trick.
It's hundreds of correct decisions about x86 hardware identity, validated against real silicon, maintained across Intel Skylake through Raptor Lake and AMD Zen through Zen 4. Every new detection technique malware develops requires a response across multiple correlated surfaces. The depth of coverage is the differentiator.
Request a briefing
ONYX is available to vetted security organizations under NDA. Tell us what you're working on.