Harvester57 / CodeIntegrity-DriverBlocklistLinks
☆20Updated 4 months ago
Alternatives and similar repositories for CodeIntegrity-DriverBlocklist
Users that are interested in CodeIntegrity-DriverBlocklist are comparing it to the libraries listed below
Sorting:
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆40Updated 3 years ago
- Small visualizator for PE files☆70Updated 2 years ago
- Windows kernel PDB data parsed into YAML☆41Updated 10 months ago
- Example/starter code for custom Windows application compatibility shims☆36Updated 4 years ago
- Windows Process Lockdown Tool using Job Objects☆70Updated 11 years ago
- Repository of Microsoft Driver Block Lists based off of OS-builds☆40Updated last year
- A Practical example of ELAM (Early Launch Anti-Malware)☆35Updated 3 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆31Updated 4 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 3 years ago
- Windows Event Log Knowledge Base☆26Updated 11 months ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Updated 4 years ago
- Demos and presentation from SECArmy Village Grayhat 2020☆37Updated 2 years ago
- A small library helping to parse commandline parameters (for C/C++)☆58Updated 4 months ago
- Code samples that serve as references for Windows API functions☆35Updated last year
- ☆25Updated last year
- Command line utility for copying files on NTFS using low level disk access☆36Updated last year
- Sysmon shenanigans☆66Updated 4 years ago
- Generates YARA rules to detect malware using API hashing☆17Updated 4 years ago
- Proof of concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on M…☆12Updated 6 years ago
- Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.☆28Updated 3 years ago
- ☆26Updated 3 years ago
- SoulExtraction is a windows driver library for extracting cert information in windows drivers☆24Updated 2 years ago
- ☆63Updated last year
- A ready-made template for a project based on libpeconv.☆49Updated 7 months ago
- ☆29Updated last month
- ☆57Updated 11 months ago
- A tool to create COM class/interface relationships in neo4j☆50Updated 2 years ago
- xlrd2 is a variant of xlrd that is actively maintained☆23Updated last year
- Neutralize KEPServerEX anti-debugging techniques☆32Updated 2 years ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆57Updated 2 weeks ago