hongson11698 / defender-database-extract
defender_database
☆24Oct 31, 2023Updated 2 years ago
Alternatives and similar repositories for defender-database-extract
Users that are interested in defender-database-extract are comparing it to the libraries listed below
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆142Updated this week
- WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API☆26Apr 24, 2022Updated 3 years ago
- Interact with Windows RPC Services over SMB using go-smb☆11Nov 18, 2025Updated 2 months ago
- ☆59Oct 17, 2024Updated last year
- arm64 linux position-independent shellcode framework☆29Dec 12, 2025Updated 2 months ago
- SamrSearch can get user info and group info with MS-SAMR.☆15Feb 15, 2022Updated 3 years ago
- about how to make an anti-virus engine☆106May 22, 2025Updated 8 months ago
- Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm☆16Jul 5, 2024Updated last year
- ☆15Jul 22, 2022Updated 3 years ago
- Rootkit and anti-rootkit on Windows platform☆14Apr 30, 2024Updated last year
- ☆43Nov 18, 2024Updated last year
- ☆20Oct 14, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- ☆24Jul 15, 2023Updated 2 years ago
- Archive Mirror for recently republished PoC/Exploit code☆17Nov 26, 2017Updated 8 years ago
- A security product for Linux intended to meet personal security needs, with SSH brute-force protection and SYN attack scan protection, based on netfilter,☆23Dec 2, 2023Updated 2 years ago
- Windows driver template, using C++20 & cmake & GithubActions☆24Aug 9, 2024Updated last year
- CLI tool to compute the TypeRefHash for .NET binaries.☆19Nov 10, 2021Updated 4 years ago
- windows rpc: implementing HelloWorld using MIDL+RPC☆23Mar 21, 2018Updated 7 years ago
- Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine☆39Jul 29, 2025Updated 6 months ago
- Secretly record audio and video with chromium based browsers.☆23Feb 14, 2024Updated last year
- Windows Defender VDM lua collections☆48Oct 30, 2022Updated 3 years ago
- Extract Windows Defender database from vdm files and unpack it☆473Aug 8, 2025Updated 6 months ago
- ☆57Jan 15, 2024Updated 2 years ago
- Experiment to use sections as User/Kernelmode comm vector☆22Apr 7, 2023Updated 2 years ago
- Reproduction of "EDR's Nightmare: Storm-0978 Uses the New Kernel Injection Technique 'Step Bear'"☆161Oct 27, 2024Updated last year
- Experiments☆479Oct 3, 2024Updated last year
- RISC-V disassembler for IDA Pro☆25Mar 26, 2017Updated 8 years ago
- Command line tool to print mitigation flags for running processes in a memory dump☆47Sep 18, 2020Updated 5 years ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆266Jun 18, 2025Updated 7 months ago
- ☆29Nov 22, 2023Updated 2 years ago
- Modified version of Impacket to use dynamic NTLMv2 Challenge/Response☆20Dec 26, 2022Updated 3 years ago
- Hades is a Host-Based Intrusion Detection System based on both eBPF(kernel) and netlink/cn_proc(userspace).☆28Dec 14, 2024Updated last year
- Labyrinth, an LLVM obfuscation plugin for the New Pass Manager☆44Feb 23, 2025Updated 11 months ago
- Windows CVE active defense (HIPS/HIDS)☆56Apr 29, 2021Updated 4 years ago
- Implementing application-layer hooks using Intel virtualization features☆65Sep 11, 2025Updated 5 months ago
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Aug 31, 2021Updated 4 years ago
- Finds imports that could be exploited, still requires manual analysis.☆29Nov 9, 2022Updated 3 years ago
- rpv-web is a browser based frontend for the rpv library☆26Nov 21, 2025Updated 2 months ago