Windows Defender VDM lua collections
☆48 Oct 30, 2022 Updated 3 years ago
Alternatives and similar repositories for Extracted_WD_VDM
Users that are interested in Extracted_WD_VDM are comparing it to the libraries listed below
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV ☆26 Sep 26, 2022 Updated 3 years ago
- A simple tool for enumerating dynamic endpoints on a DCE/RPC remote or local endpoint mapper. ☆15 Oct 9, 2020 Updated 5 years ago
- A simple hidden vnc. ☆34 Feb 19, 2021 Updated 5 years ago
- A tool written in Rust that uses signature values to extract the database key from WeChat memory ☆99 Feb 16, 2023 Updated 3 years ago
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. ☆63 Apr 29, 2024 Updated last year
- ☆57 Apr 19, 2023 Updated 2 years ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions ☆38 Mar 17, 2025 Updated 11 months ago
- windows rpc: a HelloWorld implemented with MIDL+RPC ☆23 Mar 21, 2018 Updated 7 years ago
- Load CLR to get RWX: create an RWX region in the process's own memory by loading the CLR ☆22 Sep 28, 2022 Updated 3 years ago
- Implementation of ITaskHandler in C++ ☆14 Feb 11, 2023 Updated 3 years ago
- A simple way to spoof return addresses using an exception handler ☆43 Aug 3, 2022 Updated 3 years ago
- ☆132 Oct 14, 2022 Updated 3 years ago
- shadow tls client ☆14 Dec 30, 2022 Updated 3 years ago
- ☆17 Aug 25, 2022 Updated 3 years ago
- ☆13 Aug 24, 2022 Updated 3 years ago
- Code Integrity Violation Spotter ☆17 Jun 11, 2024 Updated last year
- crypto args for golang ☆17 Feb 14, 2022 Updated 4 years ago
- Extract Windows Defender database from vdm files and unpack it ☆476 Feb 23, 2026 Updated last week
- Re-implement cmd.exe using windows api ☆50 Feb 7, 2023 Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html ☆71 May 11, 2022 Updated 3 years ago
- This is a daemon process which makes a program run all the time. ☆84 Mar 6, 2022 Updated 3 years ago
- Detect strange memory regions and DLLs ☆185 Jan 20, 2022 Updated 4 years ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic ☆144 Feb 23, 2022 Updated 4 years ago
- Exploring RPC interfaces on Windows ☆345 Jan 30, 2024 Updated 2 years ago
- Some example code for process injection or shellcode injection, for practice and familiarization ☆19 May 29, 2022 Updated 3 years ago
- DiagTrack Eop (From Service Account to SYSTEM) ☆24 Jan 13, 2023 Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap ☆18 Jun 9, 2021 Updated 4 years ago
- Rust Weaponization for Red Team Engagements. ☆15 Oct 9, 2021 Updated 4 years ago
- shadow tls ☆17 Nov 13, 2022 Updated 3 years ago
- An exe loader that can load the NScript evaluation engine of Windows Defender/Microsoft Security Essential. You can fuzz NScript by using this.… ☆28 Oct 18, 2017 Updated 8 years ago
- Call NtCreateUserProcess directly as normal. ☆77 May 17, 2022 Updated 3 years ago
- This project is used to learn golang and try to bypass AV ☆21 Sep 20, 2021 Updated 4 years ago
- Reverse engineering mpengine.dll with reference to taviso's code ☆20 Jun 30, 2022 Updated 3 years ago
- A modern, mod independent open source cheat for Enemy Territory ☆70 Dec 6, 2025 Updated 2 months ago
- BOF/COFF obj file to PIC(shellcode). by golang ☆39 Sep 28, 2022 Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies ☆32 Aug 12, 2022 Updated 3 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p… ☆49 Jun 21, 2022 Updated 3 years ago
- Calling the undocumented DPAPI RPC interface directly, no more calling public CryptUnprotectData! ☆75 Feb 4, 2026 Updated 3 weeks ago
- Minimal PoC developed as discussed in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html ☆144 May 10, 2022 Updated 3 years ago