huoji120/awesome_anti_virus_engine external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

huoji120/awesome_anti_virus_engine

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/huoji120/awesome_anti_virus_engine)

Close

huoji120 / awesome_anti_virus_engineView on GitHubMore

• External links
• Readme badge

about how to make a anti-virus engine

☆107May 22, 2025Updated 10 months ago

Alternatives and similar repositories for awesome_anti_virus_engine

Users that are interested in awesome_anti_virus_engine are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• huoji120 / APT_Step_Bear_Inject

  View on GitHub
  复现《EDR的梦魇：Storm-0978使用新型内核注入技术“Step Bear”》
  ☆161Oct 27, 2024Updated last year
• LilDean17 / ShellcodeLoader2025

  View on GitHub
  2025最新开发的ShellcodeLoader框架，用于AV检测策略分析的模块化 Shellcode 加载器框架，具备非常强大的静态混淆功能。
  ☆25Jul 7, 2025Updated 8 months ago
• Zephyr236 / CTinyBeacon

  View on GitHub
  ☆17Jun 16, 2025Updated 9 months ago
• hongson11698 / defender-database-extract

  View on GitHub
  defender_database
  ☆25Oct 31, 2023Updated 2 years ago
• huoji120 / Heuristic_antivirus_engine_by_huoji

  View on GitHub
  基于UC的启发式杀毒引擎[还没做完]
  ☆35Mar 28, 2021Updated 5 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• BushANQ / Get_AV

  View on GitHub
  在线安软识别
  ☆12Aug 6, 2025Updated 7 months ago
• Maldev-Academy / HookingLsassForCredentials

  View on GitHub
  Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials
  ☆54May 12, 2025Updated 10 months ago
• huoji120 / white_patch_detect

  View on GitHub
  通杀检测基于白文件patch黑代码的免杀技术的后门
  ☆182Aug 3, 2024Updated last year
• evilashz / ProxyAPICall

  View on GitHub
  Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI
  ☆34Mar 17, 2023Updated 3 years ago
• splintersfury / AutoPiff

  View on GitHub
  Semantic analysis engine for detecting vulnerability fixes in Windows kernel driver patches — 58 YAML rules, Ghidra decompilation, reacha…
  ☆58Feb 26, 2026Updated last month
• boy-hack / memory_snake

  View on GitHub
  内存分析中玩贪吃蛇
  ☆16Jan 13, 2024Updated 2 years ago
• Workday / raw-disk-parser

  View on GitHub
  A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs
  ☆107Sep 4, 2025Updated 6 months ago
• Neo-Maoku / KillDriverProtect

  View on GitHub
  关闭恶意驱动的文件和注册表保护
  ☆14Jun 28, 2022Updated 3 years ago
• huoji120 / mbnsc

  View on GitHub
  通过分析流量,快速检查手机是否被APT攻击
  ☆35Oct 19, 2025Updated 5 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• roadwy / DefenderYara

  View on GitHub
  Extracted Yara rules from Windows Defender mpavbase and mpasbase
  ☆504Dec 22, 2025Updated 3 months ago
• howmp / donut_ollvm

  View on GitHub
  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…
  ☆71Mar 16, 2026Updated 2 weeks ago
• t0-retooling / defender-recon24

  View on GitHub
  ☆59Oct 17, 2024Updated last year
• notcpuid / pe-packer

  View on GitHub
  x86-x64 Packer with Portable Executable compatibility.
  ☆103Dec 15, 2025Updated 3 months ago
• vardyh / libdt

  View on GitHub
  libdt is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd.
  ☆14Aug 17, 2015Updated 10 years ago
• huoji120 / sleep_duck_eye

  View on GitHub
  Stack integrity verification to Detect SleepMask or CallStack Spoofer
  ☆53Jul 13, 2025Updated 8 months ago
• sapdragon / syscalls-cpp

  View on GitHub
  A modern C++20 header-only library for advanced direct system call invocation.
  ☆170Jan 17, 2026Updated 2 months ago
• myzxcg / RealBlindingEDR

  View on GitHub
  Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…
  ☆1,299Jun 21, 2024Updated last year
• Teach2Breach / stargate

  View on GitHub
  Locate dlls and function addresses without PEB Walk and EAT parsing
  ☆105Nov 7, 2025Updated 4 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• NoHeart2019 / KasR3Hook

  View on GitHub
  使用 Intel 虚拟化特性实现应用层HOOK
  ☆66Sep 11, 2025Updated 6 months ago
• br4ndn / warbird-example

  View on GitHub
  ☆31Sep 12, 2024Updated last year
• QAX-Anti-Virus / QDoctor

  View on GitHub
  The first Computer Emergency Response (ARK) Tools for young people ;) 　　　　　　　　　　　　　　　　　　　　　　年轻人的第一款应急响应(ARK)工具 ；）
  ☆669Oct 21, 2025Updated 5 months ago
• t-tani / defender2yara

  View on GitHub
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆150Mar 23, 2026Updated last week
• Cracked5pider / Rhaast

  View on GitHub
  doesnt work and wont work on it anymore
  ☆10Jul 8, 2024Updated last year
• RoomaSec / RmTools

  View on GitHub
  蓝队应急工具
  ☆542Jun 10, 2024Updated last year
• Dec0ne / HWSyscalls

  View on GitHub
  HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
  ☆721Jul 19, 2023Updated 2 years ago
• coleak2021 / vehsyscall

  View on GitHub
  vehsyscall:a syscall project that may bypass EDR
  ☆62Mar 1, 2024Updated 2 years ago
• MEhrn00 / boflink

  View on GitHub
  Linker for Beacon Object Files
  ☆171Feb 22, 2026Updated last month
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• MustafaNafizDurukan / WindowsKernelDriversLibrary

  View on GitHub
  Collection of Windows kernel driver examples, offering insights into Windows internals, rootkit evasion, and advanced driver development.
  ☆12Nov 23, 2023Updated 2 years ago
• UmaRex01 / Hit-And-Run

  View on GitHub
  A method to execute syscalls while bypassing EDR's function hooking and call stack analysis.
  ☆25Apr 24, 2025Updated 11 months ago
• trustedsec / LLVM-Obfuscation-Experiments

  View on GitHub
  ☆17May 22, 2024Updated last year
• TianNaYa / ProxyDll

  View on GitHub
  beta
  ☆119Sep 24, 2024Updated last year
• CBLabresearch / PhantomExecution

  View on GitHub
  Self Cleanup in post-ex job
  ☆59Sep 10, 2024Updated last year
• jdu2600 / API-To-ETW

  View on GitHub
  Uses ghidra to find all ETW write metadata for each API in a PE file
  ☆28Jul 26, 2024Updated last year
• 0sha0 / PYAS_Protection

  View on GitHub
  A Driver Only For PYAS
  ☆14Jul 28, 2023Updated 2 years ago