a0rtega / pafish

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

HackingTeam VM detection

serializingme opened this issue · comments

HackingTeam is using WMI to detect VMs [1]; if no one picks this one up, I will implement them in Pafish.

[1] https://github.com/informationextraction/scout-win/blob/master/core-scout-win32/antivm.cpp

Feel free to integrate VBox and VMware detections if you want.

I see AntiCuckoo() is just a stealth function, not used for detection, so it's not relevant here.

I think I have a way of implementing the AntiCuckoo() as a detection ;)

Created pull request #39 that implements the HackingTeam checks. I was able to transform the anti-Cuckoo crash function into a check :D

Awesome contribution :)

I've merged into dev, will discuss in the PR.