Alternatives and similar repositories for anti_defender

Users that are interested in anti_defender are comparing it to the libraries listed below

• EvilBytecode / PPID-Spoofing
  Parent Process ID Spoofing, coded in CGo.
  ☆24Updated 9 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆101Updated 2 weeks ago
• Offensive-Panda / C2_Elevated_Shell_DLL_Hijcking
  DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…
  ☆44Updated last year
• 0xJs / EnumMitigations
  Reports on Driver, LSASS and other security services mitigations
  ☆34Updated 5 months ago
• TwoSevenOneT / EDRStartupHinder
  EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.
  ☆183Updated last month
• xelemental / Mal-LNK-Generator
  ☆39Updated 10 months ago
• dis0rder0x00 / stillepost
  Using Chromium-based browsers as a proxy for C2 traffic.
  ☆140Updated 2 months ago
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated last year
• HulkOperator / AuthStager
  ☆59Updated last year
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 9 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆32Updated 9 months ago
• OtterHacker / Hooker
  ☆108Updated last year
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆92Updated last year
• Cipher7 / havoc-PoolParty
  Windows Thread Pool Injection Havoc Implementation
  ☆32Updated last year
• tehstoni / tryharder
  C++ Staged Shellcode Loader with Evasion capabilities.
  ☆97Updated last year
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆21Updated 10 months ago
• EvilBytecode / Detecting-Indirect-Syscalls
  Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling.
  ☆51Updated 3 months ago
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆31Updated 11 months ago
• olafhartong / ETWLocksmith
  A powerful Windows command-line tool for analyzing and searching ETW (Event Tracing for Windows) provider permissions from the Windows re…
  ☆62Updated 6 months ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆27Updated 9 months ago
• PL-V / Firefox-WebInject
  Firefox webInjector capable of injecting codes into webpages using a mitmproxy.
  ☆42Updated 3 years ago
• mez-0 / citadel
  A Payload Analysis Framework
  ☆116Updated 4 months ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• silentwarble / Hannibal
  Mythic C2 Agent written in x64 PIC C
  ☆84Updated last year
• eversinc33 / UnXorStringsNet
  Deobfuscation of XorStringsNet
  ☆14Updated last year
• nickvourd / Rocabella
  Sniffing files generator
  ☆61Updated 11 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆25Updated last year
• nbaertsch / Shrike
  Hunting and injecting RWX 'mockingjay' DLLs in pure nim
  ☆59Updated last year
• Workday / raw-disk-parser
  A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs
  ☆105Updated 5 months ago
• 0xTriboulet / T-1
  T-1 is a shellcode loader that leverages ML techniques to detect VM environments
  ☆34Updated last year