About how to make an anti-virus engine
☆109 · May 22, 2025 · Updated 11 months ago
Alternatives and similar repositories for awesome_anti_virus_engine
Users that are interested in awesome_anti_virus_engine are comparing it to the libraries listed below.
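- Reproduction of "EDR's Nightmare: Storm-0978 Uses the New Kernel Injection Technique 'Step Bear'" ☆163 · Oct 27, 2024 · Updated last year
- A ShellcodeLoader framework newly developed in 2025: a modular shellcode loader framework for analyzing AV detection strategies, with very powerful static obfuscation capabilities. ☆25 · Jul 7, 2025 · Updated 10 months ago
- ☆17 · Jun 16, 2025 · Updated 10 months ago
- defender_database ☆25 · Oct 31, 2023 · Updated 2 years ago
- A heuristic antivirus engine based on UC [not finished yet] ☆35 · Mar 28, 2021 · Updated 5 years ago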
- Online security software identification ☆12 · Aug 6, 2025 · Updated 9 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆54 · May 12, 2025 · Updated 11 months ago
- Universal detection of backdoors that use the AV-evasion technique of patching malicious code into legitimate (whitelisted) files ☆182 · Aug 3, 2024 · Updated last year
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI ☆34 · Mar 17, 2023 · Updated 3 years ago
- Playing Snake in memory analysis ☆16 · Jan 13, 2024 · Updated 2 years ago
- A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs ☆109 · Sep 4, 2025 · Updated 8 months ago
- Disable the file and registry protection of malicious drivers ☆14 · Jun 28, 2022 · Updated 3 years ago
- Quickly check whether a phone has been attacked by an APT by analyzing traffic ☆35 · Oct 19, 2025 · Updated 6 months ago
- Extracted Yara rules from Windows Defender mpavbase and mpasbase ☆525 · Dec 22, 2025 · Updated 4 months ago
- ☆60 · Oct 17, 2024 · Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem… ☆75 · Mar 16, 2026 · Updated last month
- x86-x64 Packer with Portable Executable compatibility. ☆105 · Apr 29, 2026 · Updated last week
- Semantic analysis engine for detecting vulnerability fixes in Windows kernel driver patches — 58 YAML rules, Ghidra decompilation, reacha… ☆63 · Feb 26, 2026 · Updated 2 months ago
- libdt is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd. ☆14 · Aug 17, 2015 · Updated 10 years ago
- A modern C++20 header-only library for advanced direct system call invocation. ☆170 · Apr 1, 2026 · Updated last month
- Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThrea… ☆1,321 · Jun 21, 2024 · Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing ☆105 · Nov 7, 2025 · Updated 6 months ago
- Stack integrity verification to Detect SleepMask or CallStack Spoofer ☆54 · Jul 13, 2025 · Updated 9 months ago
- Implementing application-layer hooks using Intel virtualization features ☆65 · Sep 11, 2025 · Updated 7 months ago
- The first Computer Emergency Response (ARK) Tools for young people ;) ☆672 · Oct 21, 2025 · Updated 6 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules ☆190 · Updated this week
- Blue team incident response tools ☆544 · Jun 10, 2024 · Updated last year
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP. ☆724 · Jul 19, 2023 · Updated 2 years ago
- vehsyscall: a syscall project that may bypass EDR ☆62 · Mar 1, 2024 · Updated 2 years ago
- Collection of Windows kernel driver examples, offering insights into Windows internals, rootkit evasion, and advanced driver development. ☆13 · Nov 23, 2023 · Updated 2 years ago
- ☆19 · May 22, 2024 · Updated last year
- Self Cleanup in post-ex job ☆59 · Sep 10, 2024 · Updated last year
- beta ☆119 · Sep 24, 2024 · Updated last year
- Linker for Beacon Object Files ☆181 · Mar 30, 2026 · Updated last month
- ☆32 · Sep 12, 2024 · Updated last year
- Uses ghidra to find all ETW write metadata for each API in a PE file ☆29 · Jul 26, 2024 · Updated last year
- An implementation of an indirect system call ☆132 · Aug 25, 2023 · Updated 2 years ago
- A tool for automatically patching shellcode into a binary file to bypass AV. ☆577 · Apr 8, 2026 · Updated last month
- 戎码之眼 is a threat monitoring tool for Windows based on the ATT&CK model. It effectively detects common unknown and known threats. A sharp sword for defenders. ☆537 · Oct 25, 2023 · Updated 2 years ago