Alternatives and similar repositories for simpleAVdriver

Users that are interested in simpleAVdriver are comparing it to the libraries listed below

• xiaobfly / AnalyzePdb
  ☆27Updated 6 years ago
• gerronjo / openlibs
  Open Source Libraries Collection
  ☆24Updated 9 years ago
• MiroKaku / ConMon
  Windows Console Monitor
  ☆34Updated 6 years ago
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆51Updated 4 years ago
• weixu8 / RegistryMonitor
  Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…
  ☆21Updated 11 years ago
• 0x25bit / Labs
  ☆37Updated 6 years ago
• kernweak / Syscall-Monitor
  大表哥的Syscall-Monitor
  ☆34Updated 5 years ago
• wolk-1024 / CrossInject
  x86/x64 dll injector
  ☆30Updated 3 years ago
• NtRaiseHardError / Dreadnought
  PoC for detecting and dumping code injection (built and extended on UnRunPE)
  ☆56Updated 6 years ago
• SinaKarvandi / x64-Driver-Inline-Assembly
  This is a simple driver with x64 inline assembly
  ☆56Updated 4 years ago
• rwfpl / rewolf-ldrdebug
  Helper utility for debugging windows PE/PE+ loader.
  ☆52Updated 10 years ago
• namealt / winsdk10
  ☆27Updated 7 years ago
• hzqst / hidden
  Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc
  ☆16Updated 6 years ago
• yuvatia / Win10GdiExploitation
  Exploiting HEVD's WriteWhatWhereIoctlDispatch for LPE on Windows 10 TH2 through RS3 using GDI objects.
  ☆24Updated 7 years ago
• meiningnie / HookNdis
  a network filter using NDIS hook technique
  ☆19Updated 12 years ago
• NtRaiseHardError / Anti-Delete
  Protects deletion of files with a specified extension using a kernel-mode driver.
  ☆75Updated 6 years ago
• SanseoLab / ProcLogger
  Windows Simple Process Logger implemented as driver
  ☆18Updated 7 years ago
• jnastarot / cleancall
  Library for using direct system calls
  ☆35Updated 4 months ago
• GravitLauncher / Avanguard
  fork HoShiMin Avanguard
  ☆20Updated 6 years ago
• 93aef0ce4dd141ece6f5 / Packer
  PoC executable packer using resources
  ☆31Updated 8 years ago
• sin5678 / A-Protect
  A-Protect Anti Rootkit Tool
  ☆53Updated 11 years ago
• MiroKaku / Learning-Example
  For Example. See Miro's Blog
  ☆30Updated 2 years ago
• Fyyre / directntapi
  DirectNtApi - simple method to make ntapi function call without importing or walking export table. Work under Windows 7, 8 and 10
  ☆53Updated last year
• 474172261 / DataProtector
  A simple ransomware defender.It uses minifilter to filt "rewrite" and "delete" events in kernel.And it handles event in user mode.
  ☆27Updated 6 years ago
• mq1n / Wow64SyscallHook
  Wow64 syscall hook
  ☆40Updated 8 years ago
• SHA-MRIZ / FsMinfilterHooking
  ☆31Updated 4 years ago
• Barakat / windows.sandbox
  Windows sandbox PoC
  ☆31Updated 5 years ago
• zhuhuibeishadiao / DriverMaper
  map driver to memory
  ☆26Updated 6 years ago
• tandasat / hyperplatform_log_parser
  User-mode program parsing logs created by HyperPlatform
  ☆18Updated 8 years ago
• Cr4sh / PTBypass-PoC
  Bypassing code hooks detection in modern anti-rootkits via building faked PTE entries.
  ☆78Updated 14 years ago