Overview of MS Defender
☆81, Feb 20, 2026, updated last week
Alternatives and similar repositories for defender_overview
Users that are interested in defender_overview are comparing it to the libraries listed below
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling. (☆31, Dec 31, 2025, updated 2 months ago)
- The PoC for CVE-2025-70795 / CVE-2026-0828 and its update (☆37, Feb 16, 2026, updated last week)
- (☆28, Feb 11, 2026, updated 2 weeks ago)
- Cobalt Strike UDC2 implementation that provides a Slack C2 channel (☆60, Jan 5, 2026, updated last month)
- BYOVD: Use 360 WFP driver to block EDR/XDR network connection. (☆98, Feb 10, 2026, updated 2 weeks ago)
- EvilMist is a collection of scripts and utilities designed to support cloud penetration testing & red teaming. The toolkit helps identify… (☆100, Feb 4, 2026, updated 3 weeks ago)
- Hotkey-based keylogger for Windows (☆32, Oct 17, 2024, updated last year)
- (☆36, Feb 12, 2026, updated 2 weeks ago)
- Cobaltstrike UDRL with memory evasion (☆15, May 16, 2024, updated last year)
- An example of how a driver can register a handle creation callback. (☆16, Jun 12, 2023, updated 2 years ago)
- Doesn't work and won't be worked on anymore (☆10, Jul 8, 2024, updated last year)
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials (☆61, May 12, 2025, updated 9 months ago)
- A cmake template for crystal palace (☆39, Dec 20, 2025, updated 2 months ago)
- A stager and implant that executes remote Web Assembly (☆37, Feb 4, 2026, updated 3 weeks ago)
- A simple BOF that disables some logging with NtSetInformationProcess (☆13, Oct 13, 2023, updated 2 years ago)
- Blog/Journal on how to backdoor VSCode extensions (☆76, updated this week)
- Random Powershell scripts (☆13, Feb 13, 2024, updated 2 years ago)
- Microsoft Defender for Endpoint PowerShell module (☆12, Dec 28, 2023, updated 2 years ago)
- A BOF that's a BOF Loader and more (☆198, Jan 17, 2026, updated last month)
- Integer overflow in FreeType software, which also affects Chrome (☆28, Aug 27, 2025, updated 6 months ago)
- A hoontr must hoont (☆105, Nov 27, 2025, updated 3 months ago)
- Enigma decode/encode and cracking (☆18, May 5, 2021, updated 4 years ago)
- PIC shellcode (C/C++) development toolkit designed for malware developers. (☆121, Dec 23, 2025, updated 2 months ago)
- Mentally ill EtwTi parser (☆68, Jan 11, 2026, updated last month)
- RunPE implementation with multiple evasive techniques (2) (☆272, Sep 25, 2025, updated 5 months ago)
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass (☆113, Jan 29, 2026, updated last month)
- A Rust template for writing Beacon Object Files (BOFs) (☆100, Feb 11, 2026, updated 2 weeks ago)
- (☆13, Feb 10, 2022, updated 4 years ago)
- (☆18, Jun 4, 2025, updated 8 months ago)
- Shellcode Loader using indirect syscalls (☆16, Jan 21, 2024, updated 2 years ago)
- Manage and maintain Defender XDR custom collection configuration (☆33, Nov 19, 2025, updated 3 months ago)
- .data ptr swapper for newer win32k versions. (Supports Windows 11) (☆36, Jan 19, 2026, updated last month)
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll; DllMain is Cobalt Strike UDRL-compatible (☆270, Jun 18, 2025, updated 8 months ago)
- Impersonate Tokens using only NTAPI functions (☆84, Apr 4, 2025, updated 10 months ago)
- The Mimikatz Missing Manual (☆219, Feb 5, 2026, updated 3 weeks ago)
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution (☆43, Oct 11, 2025, updated 4 months ago)
- (☆107, Jan 4, 2023, updated 3 years ago)
- AppLocker-Based EDR Neutralization (☆321, Dec 19, 2025, updated 2 months ago)
- Archive of study notes on the book 操作系统真相还原 (Operating System: Truth Restored) (☆18, Jan 21, 2022, updated 4 years ago)