Alternatives and similar repositories for windows-defender

Users that are interested in windows-defender are comparing it to the libraries listed below

• nccgroup / WindowsDACLEnumProject
  A collection of tools to enumerate and analyse Windows DACLs
  ☆109Updated 10 years ago
• mattifestation / PoCSubjectInterfacePackage
  A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.
  ☆100Updated 8 years ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆31Updated 5 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• SafeBreach-Labs / Spooler
  ☆62Updated 5 years ago
• theflakes / Evil_DLL
  Simple DLL to test various injection methods.
  ☆52Updated 5 years ago
• scottlundgren / w32time
  ☆53Updated 7 years ago
• Velocidex / go-pe
  A Portable Executable parser for Golang
  ☆49Updated 3 months ago
• malware-kitten / shellcode_hashes
  A collection of shellcode hashes
  ☆17Updated 7 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 5 years ago
• OsandaMalith / WindowsInternals
  Experiments on the Windows Internals
  ☆31Updated 6 years ago
• michaelbadichi / RunAsSystem
  ☆34Updated 10 years ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 5 years ago
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆124Updated 5 years ago
• mandiant / vivisect
  pure Python binary analysis framework
  ☆23Updated 7 years ago
• ohjeongwook / sRDI
  ☆28Updated 7 years ago
• whiteHat001 / MIcrosoft-Word-Use-After-Free
  ☆16Updated 5 years ago
• matthewdunwoody / POSHSPY
  POSHSPY backdoor code
  ☆46Updated 8 years ago
• its-a-feature / macos_execute_from_memory
  PoC of macho loading from memory
  ☆58Updated last year
• mandiant / win10_auto
  ☆24Updated 6 years ago
• Dankirk / RegSLScan
  A tool for scanning registery key permissions. Find where non-admins can create symbolic links.
  ☆45Updated 6 years ago
• 3gstudent / PasswordFilter
  2 ways of Password Filter DLL to record the plaintext password
  ☆64Updated 4 years ago
• DimopoulosElias / SimpleMimikatzObfuscator
  A set of commands to bypass Defender (and some other AVs)
  ☆20Updated 6 years ago
• djhohnstein / ProcessReimaging
  Process reimaging proof of concept code
  ☆97Updated 6 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• joren485 / HollowProcess
  Hollow Process / Dynamic Forking / RunPE injection technique implemented in Python
  ☆54Updated 4 years ago
• 0xeb-bp / cve-2020-1015
  PoC for CVE-2020-1015
  ☆39Updated 5 years ago
• v-p-b / kaspy_toolz
  ☆46Updated 6 years ago
• rogue-kdc / CVE-2019-1253
  ☆50Updated 6 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆51Updated 3 months ago