Harvester57 / CodeIntegrity-DriverBlocklistLinks
☆20Updated 4 months ago
Alternatives and similar repositories for CodeIntegrity-DriverBlocklist
Users that are interested in CodeIntegrity-DriverBlocklist are comparing it to the libraries listed below
Sorting:
- Windows Process Lockdown Tool using Job Objects☆70Updated 11 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 3 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Updated 5 years ago
- Demos and presentation from SECArmy Village Grayhat 2020☆37Updated 2 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆40Updated 3 years ago
- Small visualizator for PE files☆70Updated 2 years ago
- Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.☆28Updated 3 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆31Updated 4 years ago
- A small library helping to parse commandline parameters (for C/C++)☆58Updated 5 months ago
- Example/starter code for custom Windows application compatibility shims☆34Updated 4 years ago
- Sysmon shenanigans☆66Updated 5 years ago
- Proof of concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on M…☆12Updated 6 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Updated last year
- ☆29Updated last month
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- A ready-made template for a project based on libpeconv.☆50Updated 8 months ago
- Repository of Microsoft Driver Block Lists based off of OS-builds☆40Updated last year
- ☆28Updated 2 years ago
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆32Updated 3 years ago
- ☆63Updated last year
- BITS Transfers Manager☆43Updated 5 months ago
- Rekall Memory Forensic Framework☆33Updated 6 years ago
- allowing um r/w through km from um ioctl ™☆11Updated 3 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆43Updated 4 years ago
- ☆18Updated 6 years ago
- Windows kernel PDB data parsed into YAML☆41Updated 11 months ago
- SoulExtraction is a windows driver library for extracting cert information in windows drivers☆24Updated 2 years ago
- Blocks drivers from loading by using a name collision technique. #nsacyber☆50Updated 7 years ago
- Code Integrity Violation Spotter☆17Updated last year