From 408db762735fad260b169a61c595e0d6640cd187 Mon Sep 17 00:00:00 2001 From: Daniele Cono D'Elia Date: Wed, 3 Jun 2020 00:54:19 +0200 Subject: [PATCH] BluePill (Black Hat Europe 2019) https://www.blackhat.com/eu-19/briefings/schedule/index.html#bluepill-neutralizing-anti-analysis-behavior-in-malware-dissection-17685 https://www.diag.uniroma1.it/~delia/papers/tifs20.pdf --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index c663ae2..8ffa2f1 100644 --- a/README.md +++ b/README.md @@ -533,6 +533,7 @@ the [browser malware](#browser-malware) section.* * [Binary ninja](https://binary.ninja/) - A reversing engineering platform that is an alternative to IDA. * [Binwalk](https://github.com/devttys0/binwalk) - Firmware analysis tool. +* [BluePill](https://github.com/season-lab/bluepill) - Framework for executing and debugging evasive malware and protected executables. * [Capstone](https://github.com/aquynh/capstone) - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
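Review bot: On the added `* [BluePill]` line, the description "Framework for executing and debugging evasive malware and protected executables" does not say what the tool does about evasion, which is what a reader scanning this list needs to tell it apart from the neighbouring entries. The talk title in the commit message's first URL ("neutralizing anti-analysis behavior in malware dissection") is more specific, so consider carrying that wording into the entry, for example "Framework for executing and debugging evasive malware and protected executables by neutralizing anti-analysis behavior." Placement between Binwalk and Capstone keeps the alphabetical order, and the trailing period matches the surrounding items. Separately, the subject line "BluePill (Black Hat Europe 2019)" names the tool and venue but not the action; a subject such as "Add BluePill to README" would read better in the log, with the two reference URLs kept in the body.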