Enumerate Windows Defender threat families and dump their names according to category
☆93 · May 27, 2019 · Updated 6 years ago
Alternatives and similar repositories for MpEnum
Users that are interested in MpEnum are comparing it to the libraries listed below
- ReactOS x86-32 syscall fuzzer ☆58 · Jul 5, 2025 · Updated 8 months ago
- Extract Windows Defender database from vdm files and unpack it ☆476 · Feb 23, 2026 · Updated last week
- Windows 10 UAC bypass PoC using LaunchInfSection ☆35 · Aug 3, 2018 · Updated 7 years ago
- Windows device tree walker ☆15 · Sep 19, 2018 · Updated 7 years ago
- PoC code for CVE-2018-15499 (exploit race condition for BSoD) ☆11 · Aug 23, 2018 · Updated 7 years ago
- Slides of 44Con 2018 ☆22 · Oct 11, 2018 · Updated 7 years ago
- Microsoft Edge homepage algorithm ☆20 · Apr 15, 2019 · Updated 6 years ago
- Software Distribution Service ☆12 · Jul 2, 2015 · Updated 10 years ago
- ☆46 · Jun 14, 2018 · Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings. ☆22 · May 31, 2017 · Updated 8 years ago
- API logger plugin for Intel Pintool ☆14 · Nov 19, 2017 · Updated 8 years ago
- Miscellaneous Code and Docs ☆83 · Jul 12, 2025 · Updated 7 months ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace) ☆25 · Dec 1, 2018 · Updated 7 years ago
- A software driver that lets you log kernel-mode debug output into a file on Windows. ☆108 · Jul 24, 2018 · Updated 7 years ago
- Tools for instrumenting Windows Defender's mpengine.dll ☆311 · Oct 25, 2018 · Updated 7 years ago
- Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format ☆13 · Jun 3, 2014 · Updated 11 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015 ☆36 · May 4, 2016 · Updated 9 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆240 · Nov 6, 2019 · Updated 6 years ago
- FLARE Kernel Shellcode Loader ☆177 · May 3, 2019 · Updated 6 years ago
- A Fuzzer for Windows NDIS Drivers OID Handlers ☆96 · Nov 4, 2021 · Updated 4 years ago
- Multi-purpose proof-of-concept tool based on CPU-Z CVE-2017-15303 ☆110 · Feb 25, 2018 · Updated 8 years ago
- HAXM hypervisor client ☆18 · Nov 30, 2018 · Updated 7 years ago
- ☆86 · Oct 29, 2023 · Updated 2 years ago
- ☆19 · Jul 20, 2015 · Updated 10 years ago
- BSOD Screensaver ☆45 · Jul 5, 2025 · Updated 8 months ago
- ☆36 · Sep 5, 2017 · Updated 8 years ago
- Internet Explorer Exploit with CFG bypass for Windows 10 ☆59 · Jan 11, 2017 · Updated 9 years ago
- Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager. ☆51 · Apr 9, 2019 · Updated 6 years ago
- ☆11 · Aug 28, 2024 · Updated last year
- Demonstrate the new FileDispositionInfoEx behavior ☆15 · Nov 6, 2017 · Updated 8 years ago
- A minifilter-based transparent encryptor on Windows. ☆30 · Feb 27, 2017 · Updated 9 years ago
- ☆30 · May 23, 2017 · Updated 8 years ago
- Tool to view and create Microsoft shim database files (SDB). ☆119 · May 11, 2017 · Updated 8 years ago
- AllMemPro ☆46 · Jan 15, 2018 · Updated 8 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings. ☆26 · Oct 25, 2020 · Updated 5 years ago
- CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code ☆37 · Sep 8, 2020 · Updated 5 years ago
- Shareds for kernel development ☆29 · Dec 23, 2013 · Updated 12 years ago
- A C/C++ implementation of Microsoft's Antimalware Scan Interface ☆182 · Mar 30, 2018 · Updated 7 years ago
- Utility for dumping all the information Capstone has on given instructions. ☆23 · Oct 1, 2021 · Updated 4 years ago