Alternatives and similar repositories for Anti_Virus

Users that are interested in Anti_Virus are comparing it to the libraries listed below

• martinalebachew / Lighthouse
  Activate Windows & Office 🔑
  ☆13Updated last year
• zodiacon / KObjects
  Sample for Creating a new kernel object type and supporting API
  ☆26Updated last year
• alal4465 / HeavensGateHook
  Hooking Heavens Gate in a weekend
  ☆13Updated 3 years ago
• WHots / RosaryAV
  Lightweight Threat Detection System - (Base)
  ☆15Updated last year
• backengineering / pdbgen2
  Generate a PDB file given the old PDB file and an address mapping
  ☆49Updated 3 months ago
• shaygitub / windows-rootkit
  windows rootkit
  ☆61Updated last year
• 0mWindyBug / KeystrokeSniffer
  a windows kernel keylogger that works
  ☆20Updated last year
• rce-3 / xenith
  Research-focused hypervisor offering advanced tools for debugging, virtual machine introspection, and automation.
  ☆41Updated last month
• repnz / windows-imports-searcher
  Support Windows OS Reversing by searching easily for references to functions across many DLLs
  ☆32Updated 3 years ago
• stuxnet147 / Win-ZeroTimer
  simple zero-dependency timer implementation
  ☆12Updated 2 years ago
• kkent030315 / detect-anyrun
  ANY.RUN sandbox detection collection
  ☆21Updated last year
• alfarom256 / MinifilterResearch
  ☆16Updated 3 years ago
• xsh3llsh0ck / PicoHook
  Small driver that uses alternative syscalls feature (the project is still under development).
  ☆18Updated last year
• ch3rn0byl / CVE-2021-21551
  ☆25Updated 4 years ago
• DownWithUp / WarbirdExamples
  An example of how to use Microsoft Windows Warbird technology
  ☆28Updated 2 years ago
• jwbensley / metamorphic_polymorphic
  Examples of Metamorphic and Polymorphic code
  ☆33Updated 5 years ago
• 3dnow / NtCreateLowBoxToken
  A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering
  ☆41Updated 4 months ago
• worawit / malk
  Demonstrate calling a kernel function and handle process creation callback against HVCI
  ☆77Updated 2 years ago
• zodiacon / VerifierDLL
  Example of building an application verifer DLL
  ☆49Updated last year
• ByteWhite1x1 / PatchGuardResearch
  Bypassing kernel patch protection runtime
  ☆20Updated 2 years ago
• LLVMParty / LLVMCMakeTemplate
  Collection of scripts and CMake files to easily link to LLVM into your project (Windows, Linux, macOS).
  ☆43Updated 7 months ago
• Midi12 / whse
  WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API
  ☆23Updated 3 years ago
• zodiacon / WinEventHooks
  SetWinEventHook Sample
  ☆49Updated 2 years ago
• un4ckn0wl3z / PCIE-Detector
  Sample/PoC Windows kernel driver for detect DMA devices by using Vendor ID and Device ID signatures
  ☆35Updated last year
• archercreat / vdk
  vdk is a set of utilities used to help with exploitation of a vulnerable driver.
  ☆42Updated 3 years ago
• cbwang505 / Win11PoolView
  正确解析 _HEAP_VS_***符号 ,支持在最新win11 24h2 运行,替换windbg自带的!pool命令
  ☆17Updated 11 months ago
• Yuerino / obfuscator-pass
  A collection of LLVM passes for obfuscating
  ☆39Updated 2 years ago
• ch3rn0byl / Gremlins
  ☆14Updated 2 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆27Updated 2 years ago
• jeperez / WinREPL
  x86 and x64 assembly "read-eval-print loop" for Windows
  ☆33Updated 8 years ago