Alternatives and similar repositories for windows-defender

Users that are interested in windows-defender are comparing it to the libraries listed below

• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆31Updated 5 years ago
• botherder / go-autoruns
  Collect autorun records from running system
  ☆59Updated 4 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• malice-plugins / office
  Malice Office/OLE/RTF Plugin
  ☆13Updated 7 years ago
• SafeBreach-Labs / Spooler
  ☆62Updated 5 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 5 years ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 5 years ago
• nccgroup / WindowsDACLEnumProject
  A collection of tools to enumerate and analyse Windows DACLs
  ☆109Updated 10 years ago
• Dankirk / RegSLScan
  A tool for scanning registery key permissions. Find where non-admins can create symbolic links.
  ☆46Updated 6 years ago
• Velocidex / go-pe
  A Portable Executable parser for Golang
  ☆48Updated 2 months ago
• malware-kitten / shellcode_hashes
  A collection of shellcode hashes
  ☆17Updated 7 years ago
• mattifestation / PoCSubjectInterfacePackage
  A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.
  ☆100Updated 8 years ago
• michaelbadichi / RunAsSystem
  ☆34Updated 10 years ago
• scottlundgren / w32time
  ☆53Updated 7 years ago
• EgeBalci / MapPE
  PE file mapping and manipulation package.
  ☆36Updated 3 years ago
• EyeOfRa / WinConMon
  Windows Console Monitoring
  ☆103Updated 8 years ago
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆124Updated 5 years ago
• williballenthin / python-dotnet-binaryformat
  Pure Python parser for data encoded by .NET's BinaryFormatter
  ☆54Updated 7 years ago
• 3gstudent / Writeup
  interesting analysis
  ☆16Updated 7 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆33Updated 6 years ago
• homjxi0e / ReaCOM
  ReaCOM has got a lot of tools to use and is related to component object model
  ☆74Updated 5 years ago
• 0xeb-bp / cve-2020-1015
  PoC for CVE-2020-1015
  ☆39Updated 5 years ago
• theflakes / Evil_DLL
  Simple DLL to test various injection methods.
  ☆52Updated 5 years ago
• jthuraisamy / CVE-2019-9730
  Synaptics Audio Driver LPE
  ☆37Updated 6 years ago
• herrcore / CmdDesktopSwitch
  CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to i…
  ☆35Updated 9 years ago
• papadp / reflective-injection-detection
  a program to detect reflective dll injection on a live machine
  ☆76Updated 10 years ago
• vulnwarex / bin2sc
  Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
  ☆74Updated 4 years ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆81Updated 3 years ago
• Velocidex / oleparse
  Golang parser for OLE files
  ☆33Updated last month
• oneNutW0nder / CatTails
  Raw socket library/framework for red team events
  ☆33Updated 2 years ago