OpenHuizeBox is a compliance-positioned fork of VirtualBox OSE for privacy-audit research. It surfaces every hardware-identity knob that commercial software and malware use to profile their host — CPUID brand, SMBIOS tables, ACPI OEM IDs, disk model & serial, NIC OUI — as visible, per-VM settings you can toggle, document, and reproduce.
Pick a profile (Dell OptiPlex, Lenovo ThinkPad, generic OEM workstation) and apply realistic SMBIOS / ACPI / disk / MAC values to a single VM. No hidden magic — every change is a visible VBoxManage setextradata line you can audit.
The Realistic Hardware Identity groupbox sits inside Motherboard, Processor, Display, Storage and Network tabs — configure next to the native VBox controls, not in a separate “mystery” dialog.
One-click network capture (pktmon), TLS root CA generation for traffic inspection, outbound tracker classifier and before/after snapshot diff. Designed to answer: what did this app call home about?
Tested against the four common commodity VM detectors — Pafish, Al-Khaser, VMAware, InviZzzible — with a documented, honest layer taxonomy (L1 extradata → L5 VMM patches) and a published out-of-reach list.
GPL v3, full source, deterministic build via kBuild. Windows file properties list OpenHuizeBox Project, not Oracle — no silent vendor leakage.
Advanced features (TCP fingerprint shaping, TTL rewrite) ship as optional kernel extensions behind a self-sign wizard. If you don’t need them, don’t install them — the base VM works with Oracle-level signing guarantees.
OpenHuizeBox is distributed under GPL v3 for lawful privacy-audit research. See governance for the full statement of intended use and the published out-of-scope list.