Alternatives and similar repositories for anti_defender

Users that are interested in anti_defender are comparing it to the libraries listed below

• olafhartong / ETWLocksmith
  A powerful Windows command-line tool for analyzing and searching ETW (Event Tracing for Windows) provider permissions from the Windows re…
  ☆62Updated 6 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆101Updated last week
• xelemental / Mal-LNK-Generator
  ☆39Updated 10 months ago
• zarkones / ControlSTUDIO
  Adversary Simulation Framework
  ☆38Updated 5 months ago
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆97Updated last year
• EvilBytecode / Detecting-Indirect-Syscalls
  Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling.
  ☆51Updated 3 months ago
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆24Updated 9 months ago
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆92Updated last year
• HulkOperator / AuthStager
  ☆59Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated last year
• fern89 / runpe-x64
  RunPE adapted for x64 and written in C, does not use RWX
  ☆28Updated last year
• OtterHacker / Hooker
  ☆108Updated last year
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Updated 2 years ago
• Teach2Breach / rpeloader
  use python on windows with full submodule support without installation
  ☆30Updated last year
• nbaertsch / Shrike
  Hunting and injecting RWX 'mockingjay' DLLs in pure nim
  ☆59Updated last year
• mez-0 / citadel
  A Payload Analysis Framework
  ☆114Updated 3 months ago
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆32Updated last year
• nickvourd / Rocabella
  Sniffing files generator
  ☆60Updated 11 months ago
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆28Updated last year
• praetorian-inc / swarmer
  A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
  ☆42Updated last week
• bot984397 / eepy
  ☆38Updated 9 months ago
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆55Updated 2 years ago
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆31Updated 11 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 8 months ago
• silentwarble / Hannibal
  Mythic C2 Agent written in x64 PIC C
  ☆84Updated last year
• Bl4ckM1rror / PEAs
  ☆61Updated 2 years ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆25Updated 11 months ago
• eversinc33 / UnXorStringsNet
  Deobfuscation of XorStringsNet
  ☆14Updated last year
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆27Updated 9 months ago