ZPetricusic / defender_signature_parserLinks
Short Python script for parsing Defender VDM signature files.
☆10Updated 11 months ago
Alternatives and similar repositories for defender_signature_parser
Users that are interested in defender_signature_parser are comparing it to the libraries listed below
Sorting:
- rpv-web is a browser based frontend for the rpv library☆26Updated 3 months ago
- Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book☆112Updated last year
- Rule Engine for Dynamic Malware Analysis and Research☆25Updated 4 months ago
- ☆31Updated 6 months ago
- a tiny program to consume from ETW providers for research☆51Updated 8 months ago
- Windows kernel PDB data parsed into YAML☆39Updated 9 months ago
- ☆89Updated 6 months ago
- AppContainer tools for launching sandboxed win32 apps, changing ACL permissions and learning from ETW traces.☆22Updated 4 months ago
- bypassing intel txt's tboot integrity checks via coreboot shim☆80Updated 5 months ago
- ☆28Updated 7 months ago
- How to set up 2 VirtualBox VM to debug kernel driver using windbg☆55Updated 3 years ago
- Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator☆64Updated 5 months ago
- Report and exploit of CVE-2024-21305.☆36Updated last year
- ☆19Updated 2 years ago
- Recon 2023 slides and code☆79Updated 2 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated 2 years ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated last year
- ☆58Updated 2 years ago
- Proof-of-concept modular implant platform leveraging v8☆55Updated 6 months ago
- Virtual Trust Level (VTL 1) secure call tracing☆42Updated last week
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…☆64Updated 2 years ago
- ☆11Updated 3 years ago
- BINARLY Research Tools and PoCs☆36Updated 11 months ago
- Intel 64/Windows low-level experiments☆60Updated last week
- Code samples that serve as references for Windows API functions☆33Updated last year
- ☆15Updated last year
- break link between dll and it file on disk☆11Updated last year
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆40Updated 2 years ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆120Updated this week
- ☆74Updated last year