Alternatives and similar repositories for anti_defender:

Users that are interested in anti_defender are comparing it to the libraries listed below

• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆17Updated last year
• FuzzySecurity / Magikarp
  ECC Public Key Cryptography
  ☆37Updated last year
• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆21Updated 2 weeks ago
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆20Updated 2 years ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated last year
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated 3 weeks ago
• MythicC2Profiles / httpx
  Configurable, Community driven, HTTP C2 Profile
  ☆17Updated last month
• horizon3ai / Ivanti-EPM-Coercion-Vulnerabilities
  Proof of concept exploit for Ivanti EPM CVE-2024-13159 and others
  ☆11Updated 2 months ago
• 0xTriboulet / ZeroTotal
  A collection of source code, binaries, and compilation scripts designed to bypass detection
  ☆25Updated 2 years ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆20Updated 2 weeks ago
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆44Updated last year
• mverschu / GrizzlyTunnel
  GrizzlyTunnel is a automation script designed to create seamless Layer 3 VPN like tunnels over SSH.
  ☆24Updated 4 months ago
• zer1t0 / keydump
  Dump Linux keyrings
  ☆19Updated 9 months ago
• djackreuter / btexec
  Execute shellcode via Bluetooth device authentication
  ☆38Updated 2 months ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆41Updated 5 months ago
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆26Updated 3 months ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 7 months ago
• EvilBytecode / Amsi-Patch-Updated-2025
  How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.
  ☆13Updated 2 weeks ago
• nbaertsch / Shrike
  Hunting and injecting RWX 'mockingjay' DLLs in pure nim
  ☆59Updated 4 months ago
• PL-V / Firefox-WebInject
  Firefox webInjector capable of injecting codes into webpages using a mitmproxy.
  ☆40Updated 2 years ago
• silentwarble / Hannibal
  Mythic C2 Agent written in x64 PIC C
  ☆77Updated 3 months ago
• C5Hackr / ARM64_AmsiPatch
  ☆17Updated 2 months ago
• Karkas66 / EarlyCascadeImprooved
  an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code
  ☆19Updated 2 months ago
• Ne0nd0g / go-coff
  Load and execute a common object file format (COFF) in the current process
  ☆28Updated last year
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆21Updated 2 months ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆31Updated last year
• Krypteria / Proxll
  Tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h
  ☆37Updated 6 months ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated last month
• eversinc33 / UnXorStringsNet
  Deobfuscation of XorStringsNet
  ☆14Updated 6 months ago