Alternatives and similar repositories for windows-defender:

Users that are interested in windows-defender are comparing it to the libraries listed below

• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 4 years ago
• malice-plugins / office
  Malice Office/OLE/RTF Plugin
  ☆13Updated 6 years ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 4 years ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆30Updated 4 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• mandiant / win10_auto
  ☆24Updated 5 years ago
• StrangerealIntel / Cerberus
  Sources code extracted from malwares for analysis
  ☆36Updated 2 years ago
• deroko / SPPLUAObjectUacBypass
  ☆45Updated 6 years ago
• cobbr / InsecurePowerShellHost
  InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…
  ☆31Updated 7 years ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆47Updated 2 months ago
• libyal / libfwevt
  Library for Windows XML Event Log (EVTX) data types
  ☆18Updated 6 months ago
• threatexpress / procdot_sandbox
  ProcDot Malware Sandbox
  ☆24Updated 5 months ago
• NexusFuzzy / NanoDump
  Tool to decrypt the configuration of NanoCore and dump all used plugins
  ☆10Updated 4 years ago
• ycscaly / Privilege-Escalation-Framework
  Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitatio…
  ☆35Updated 8 years ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆53Updated 2 years ago
• lemmou / RansomNoteFiles
  ☆23Updated last year
• seifreed / awesome-sandbox-evasion
  A summary about different projects/presentations/tools to test how to evade malware sandbox systems
  ☆51Updated 6 years ago
• ail-project / ail-yara-rules
  A set of YARA rules for the AIL framework to detect leak or information disclosure
  ☆38Updated 2 months ago
• Velocidex / oleparse
  Golang parser for OLE files
  ☆31Updated last month
• malware-kitten / shellcode_hashes
  A collection of shellcode hashes
  ☆17Updated 6 years ago
• EgeBalci / MapPE
  PE file mapping and manipulation package.
  ☆36Updated 2 years ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆82Updated 2 years ago
• Dankirk / RegSLScan
  A tool for scanning registery key permissions. Find where non-admins can create symbolic links.
  ☆46Updated 5 years ago
• iAbdullahMughal / dscan
  D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit
  ☆29Updated 5 months ago
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆120Updated 4 years ago
• whiteHat001 / MIcrosoft-Word-Use-After-Free
  ☆16Updated 4 years ago
• t57root / amcsh
  A More Comfortable (remote) SHell with full pty support and both reverse / bindport connection mode.
  ☆30Updated 11 years ago
• CptGibbon / Windows-Process-Injection
  Some simple process injection techniques targeting the Windows platform
  ☆32Updated 5 years ago