hfiref0x / MpEnumLinks
Enumerate Windows Defender threat families and dump their names according category
☆90Updated 6 years ago
Alternatives and similar repositories for MpEnum
Users that are interested in MpEnum are comparing it to the libraries listed below
Sorting:
- CAPE monitor DLLs☆41Updated 5 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment☆123Updated 4 years ago
- a program to detect reflective dll injection on a live machine☆74Updated 9 years ago
- Windows Drivers☆99Updated 6 years ago
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path.☆96Updated 4 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆76Updated 10 years ago
- Simple 32/64-bit PEs loader.☆138Updated 6 years ago
- ☆115Updated 8 years ago
- PoC designed to evade userland-hooking anti-virus.☆89Updated 6 years ago
- Tool to view and create Microsoft shim database files (SDB).☆115Updated 8 years ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- A slightly stripped down version of RID (an exercise in learning python C-Types...some of it is a little rushed/sloppy) and a stripped do…☆51Updated 12 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆42Updated 5 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 7 years ago
- A C/C++ implementation of Microsoft's Antimalware Scan Interface☆182Updated 7 years ago
- DLL Injection Library & Tools☆71Updated 9 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆56Updated 6 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 9 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Updated 9 years ago
- Evil Reflective DLL Injection Finder☆47Updated 6 years ago
- Named pipe I/O ETW provider for Windows☆70Updated 5 years ago
- Process reimaging proof of concept code☆96Updated 6 years ago
- Windows Console Monitoring☆99Updated 7 years ago
- Python implementation of LZNT1 compression/decompression☆65Updated 5 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- ☆22Updated 4 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆85Updated 3 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- Telsy CTI Research Team☆57Updated 4 years ago