Enumerate Windows Defender threat families and dump their names according category
☆94May 27, 2019Updated 6 years ago
Alternatives and similar repositories for MpEnum
Users that are interested in MpEnum are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ReactOS x86-32 syscall fuzzer☆58Jul 5, 2025Updated 8 months ago
- Extract Windows Defender database from vdm files and unpack it☆476Feb 23, 2026Updated last month
- Windows 10 UAC bypass PoC using LaunchInfSection☆35Aug 3, 2018Updated 7 years ago
- (This is a fork used primarily to submit patches into upstream repository) Public malware techniques used in the wild: Virtual Machine, E…☆19May 31, 2025Updated 9 months ago
- Tools for instrumenting Windows Defender's mpengine.dll☆311Oct 25, 2018Updated 7 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Miscellaneous Code and Docs☆83Jul 12, 2025Updated 8 months ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆23May 31, 2017Updated 8 years ago
- Software Distribution Service☆12Jul 2, 2015Updated 10 years ago
- BSOD Screensaver☆43Jul 5, 2025Updated 8 months ago
- Slides of 44Con 2018☆23Oct 11, 2018Updated 7 years ago
- PoC code for CVE-2018-15499 (exploit race condition for BSoD)☆11Aug 23, 2018Updated 7 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303☆111Feb 25, 2018Updated 8 years ago
- Windows device tree walker☆15Sep 19, 2018Updated 7 years ago
- FLARE Kernel Shellcode Loader☆177May 3, 2019Updated 6 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ☆46Jun 14, 2018Updated 7 years ago
- A software driver that lets you log kernel-mode debug output into a file on Windows.☆108Jul 24, 2018Updated 7 years ago
- API logger plugin for Intel Pintool☆14Nov 19, 2017Updated 8 years ago
- Various code from the past (for historical purposes)☆16Aug 4, 2023Updated 2 years ago
- Microsoft Edge Microsoft Edge主页算法☆20Apr 15, 2019Updated 6 years ago
- windows syscall table from xp ~ 10 rs4☆355Jun 8, 2018Updated 7 years ago
- ZeroAccess v3 toolkit☆166Dec 18, 2017Updated 8 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999☆241Nov 6, 2019Updated 6 years ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Dec 1, 2018Updated 7 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- A sample project for using Capstone from a driver in Visual Studio 2015☆36May 4, 2016Updated 9 years ago
- Windows ndiscap.sys adapter for WinPcap applications☆28Jun 26, 2016Updated 9 years ago
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- Demos presented on Hackerfest 2015☆14Nov 9, 2015Updated 10 years ago
- Telegram Bot that performs checks of the yararules.com ruleset☆13May 13, 2016Updated 9 years ago
- CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation☆83Mar 13, 2019Updated 7 years ago
- Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format☆13Jun 3, 2014Updated 11 years ago
- PowerShell interpreter for unmanaged (non CLI) C++ projects☆16Jul 19, 2017Updated 8 years ago
- ☆30May 23, 2017Updated 8 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆185Mar 30, 2019Updated 6 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆22Apr 13, 2018Updated 7 years ago
- Escalation of privilege exploit for Dell BIOS flasher (Flash64W) (2017)☆13Dec 7, 2020Updated 5 years ago
- ☆19Jul 20, 2015Updated 10 years ago
- ☆36Sep 5, 2017Updated 8 years ago
- CVE-2014-0816☆26Oct 5, 2016Updated 9 years ago
- Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.☆51Apr 9, 2019Updated 6 years ago