ZPetricusic / defender_signature_parserLinks
Short Python script for parsing Defender VDM signature files.
☆10Updated last year
Alternatives and similar repositories for defender_signature_parser
Users that are interested in defender_signature_parser are comparing it to the libraries listed below
Sorting:
- ☆32Updated 7 months ago
- a tiny program to consume from ETW providers for research☆51Updated 8 months ago
- rpv-web is a browser based frontend for the rpv library☆26Updated 4 months ago
- Rule Engine for Dynamic Malware Analysis and Research☆25Updated 5 months ago
- ☆89Updated 7 months ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆114Updated last year
- AppContainer tools for launching sandboxed win32 apps, changing ACL permissions and learning from ETW traces.☆22Updated 4 months ago
- Proof-of-concept modular implant platform leveraging v8☆56Updated 6 months ago
- Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator☆64Updated 6 months ago
- Code samples that serve as references for Windows API functions☆35Updated last year
- ☆20Updated 2 years ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated last year
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…☆66Updated 2 years ago
- Windows kernel PDB data parsed into YAML☆41Updated 10 months ago
- ☆58Updated 2 years ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆81Updated 6 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆123Updated this week
- ☆45Updated 3 months ago
- ☆39Updated last year
- Virtual Trust Level (VTL 1) secure call tracing☆75Updated 3 weeks ago
- A feed of malware samples curated from threat intelligence sources.☆28Updated last year
- ☆50Updated 6 months ago
- call gates as stable comunication channel for NT x86 and Linux x86_64☆32Updated 2 years ago
- Recon 2023 slides and code☆79Updated 2 years ago
- Winbindex bot to pull in binaries for specific releases☆48Updated 2 years ago
- ☆175Updated 5 months ago
- Report and exploit of CVE-2024-21305.☆38Updated last year
- BINARLY Research Tools and PoCs☆37Updated last year
- Detection Engineering Tools☆16Updated 2 weeks ago
- A Rust crate for parsing Windows user minidumps.☆41Updated last year