Alternatives and similar repositories for defender_signature_parser

Users that are interested in defender_signature_parser are comparing it to the libraries listed below

• rad9800 / RansomFS
  ☆32Updated 7 months ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆51Updated 8 months ago
• qtc-de / rpv-web
  rpv-web is a browser based frontend for the rpv library
  ☆26Updated 4 months ago
• badhive / alca
  Rule Engine for Dynamic Malware Analysis and Research
  ☆25Updated 5 months ago
• thalium / vminer
  ☆89Updated 7 months ago
• AaLl86 / WindowsInternals
  Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book
  ☆114Updated last year
• WildByDesign / win32-appcontainer-tools
  AppContainer tools for launching sandboxed win32 apps, changing ACL permissions and learning from ETW traces.
  ☆22Updated 4 months ago
• captainGeech42 / implant.js
  Proof-of-concept modular implant platform leveraging v8
  ☆56Updated 6 months ago
• mandiant / poisonplug-scatterbrain
  Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator
  ☆64Updated 6 months ago
• DebugPrivilege / WindowsAP1
  Code samples that serve as references for Windows API functions
  ☆35Updated last year
• yo-yo-yo-jbo / virtual_memory_known_dlls
  ☆20Updated 2 years ago
• ic3qu33n / OffensiveCon24-uefi-task-of-the-translator
  OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"
  ☆42Updated last year
• magicsword-io / bootloaders
  bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…
  ☆66Updated 2 years ago
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆41Updated 10 months ago
• trailofbits / HVCI-loldrivers-check
  ☆58Updated 2 years ago
• vmsplit / checkm8
  bypassing intel txt's tboot integrity checks via coreboot shim
  ☆81Updated 6 months ago
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆123Updated this week
• jonny-jhnson / JonMon-Lite
  ☆45Updated 3 months ago
• DissectMalware / yaradbg-frontend
  ☆39Updated last year
• connormcgarr / Vtl1Mon
  Virtual Trust Level (VTL 1) secure call tracing
  ☆75Updated 3 weeks ago
• pygrum / siphon
  A feed of malware samples curated from threat intelligence sources.
  ☆28Updated last year
• Slowerzs / KeyJumper
  ☆50Updated 6 months ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆32Updated 2 years ago
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆79Updated 2 years ago
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆48Updated 2 years ago
• jonny-jhnson / ETWInspector
  ☆175Updated 5 months ago
• tandasat / CVE-2024-21305
  Report and exploit of CVE-2024-21305.
  ☆38Updated last year
• binarly-io / ToolsAndPoCs
  BINARLY Research Tools and PoCs
  ☆37Updated last year
• amohanta / Detection_Engineering_Tools
  Detection Engineering Tools
  ☆16Updated 2 weeks ago
• 0vercl0k / udmp-parser-rs
  A Rust crate for parsing Windows user minidumps.
  ☆41Updated last year