Alternatives and similar repositories for defender_signature_parser

Users that are interested in defender_signature_parser are comparing it to the libraries listed below

• rad9800 / RansomFS
  ☆31Updated 11 months ago
• badhive / alca
  Rule Engine for Dynamic Malware Analysis and Research
  ☆25Updated 9 months ago
• AaLl86 / WindowsInternals
  Contains all the applications developed for the Second part of the 7th Edition of Windows Internals book
  ☆115Updated last year
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆54Updated last year
• qtc-de / rpv-web
  rpv-web is a browser based frontend for the rpv library
  ☆26Updated 2 months ago
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆42Updated 3 months ago
• trailofbits / HVCI-loldrivers-check
  ☆57Updated 2 years ago
• yo-yo-yo-jbo / virtual_memory_known_dlls
  ☆21Updated 2 years ago
• captainGeech42 / implant.js
  Proof-of-concept modular implant platform leveraging v8
  ☆54Updated 11 months ago
• trailofbits / WinDbg-JS
  ☆29Updated 2 years ago
• mandiant / poisonplug-scatterbrain
  Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator
  ☆75Updated 10 months ago
• embee-research / CyberChef
  ☆16Updated 2 years ago
• magicsword-io / bootloaders
  bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…
  ☆68Updated 2 years ago
• WildByDesign / win32-appcontainer-tools
  AppContainer tools for launching sandboxed win32 apps, changing ACL permissions and learning from ETW traces.
  ☆30Updated 9 months ago
• Cyb3r-Monk / Microsoft-Vulnerable-Driver-Block-Lists
  Microsoft Vulnerable Driver Block Lists in CSV and JSON for SIEM lookups
  ☆53Updated 4 months ago
• DissectMalware / yaradbg-frontend
  ☆39Updated 2 years ago
• DebugPrivilege / WindowsAP1
  Code samples that serve as references for Windows API functions
  ☆76Updated last year
• zodiacon / Recon2023
  Recon 2023 slides and code
  ☆80Updated 2 years ago
• thalium / vminer
  ☆90Updated last year
• quarkslab / tpmee
  ☆11Updated 3 years ago
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆91Updated 2 years ago
• pygrum / siphon
  A feed of malware samples curated from threat intelligence sources.
  ☆28Updated 2 years ago
• eversinc33 / TriageMCP
  Vibe Malware Triage - MCP server for static PE analysis.
  ☆74Updated 2 months ago
• fr0gger / MalwareMuncher
  Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
  ☆45Updated 2 years ago
• xalicex / kernel-debug-lab-for-virtual-box
  How to set up 2 VirtualBox VM to debug kernel driver using windbg
  ☆57Updated 3 years ago
• connormcgarr / Vtl1Mon
  Virtual Trust Level (VTL 1) secure call tracing
  ☆95Updated 5 months ago
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆48Updated 2 years ago
• nccgroup / mimikatz-detector-condrv
  The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …
  ☆41Updated 3 years ago
• ic3qu33n / OffensiveCon24-uefi-task-of-the-translator
  OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"
  ☆43Updated last year
• jonny-jhnson / JonMon-Lite
  ☆48Updated 8 months ago