t0-retooling/defender-recon24

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/t0-retooling/defender-recon24)

t0-retooling / defender-recon24

☆61

Alternatives and similar repositories for defender-recon24

Users that are interested in defender-recon24 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

t-tani / defender2yara
View on GitHub
Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
☆207Updated this week
hongson11698 / defender-database-extract
View on GitHub
defender_database
☆25Oct 31, 2023Updated 2 years ago
Neo-Maoku / KillDriverProtect
View on GitHub
关闭恶意驱动的文件和注册表保护
☆14Jun 28, 2022Updated 3 years ago
gmh5225 / warbird-example
View on GitHub
☆26Jul 15, 2023Updated 2 years ago
Vector35 / pdb-rs
View on GitHub
A parser for Microsoft PDB (Program Database) debugging information
☆23Nov 5, 2024Updated last year
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
kyxiaxiang / DetectCobaltStrike
View on GitHub
Detect Beacon Powerful (Include CobatStrike 4.10 Aha~)
☆21Oct 18, 2024Updated last year
ZEROWyt / Patchguard-2023
View on GitHub
☆24Jul 24, 2023Updated 2 years ago
rbmm / LIB
View on GitHub
☆10Apr 19, 2026Updated last month
archercreat / srvhide
View on GitHub
Simple tool to dump/hide services in services.exe process.
☆21Apr 22, 2022Updated 4 years ago
bharadwajyas / ppdump-public
View on GitHub
Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…
☆25Mar 26, 2020Updated 6 years ago
s4dbrd / ETWReader
View on GitHub
Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
☆20Jun 29, 2024Updated last year
0xv1n / macnoise
View on GitHub
Extensible MacOS system telemetry generator.
☆59Apr 12, 2026Updated 2 months ago
Meckazin / HidingFromETW
View on GitHub
PoC for detecting and evading ETW detection of .Net Assembly.Load
☆22Aug 26, 2020Updated 5 years ago
OSRDrivers / deleteex
View on GitHub
Demonstrate the new FileDispositionInfoEx behavior
☆15Nov 6, 2017Updated 8 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
orca-eaa5a / mploader
View on GitHub
Portable & Custmizable Windows Defender
☆12Nov 10, 2021Updated 4 years ago
chaeyk / eac-leak
View on GitHub
this application shows EAC sdk's memory leak.
☆10Nov 30, 2021Updated 4 years ago
mandiant / rvmi-kvm
View on GitHub
Linux-KVM with rVMI extensions
☆22Aug 28, 2017Updated 8 years ago
huoji120 / awesome_anti_virus_engine
View on GitHub
about how to make a anti-virus engine
☆111May 22, 2025Updated last year
OSRDrivers / Inverted
View on GitHub
Example WDF/KMDF driver and test app demonstrating the "inverted call model"
☆36May 1, 2020Updated 6 years ago
HackingLZ / ExtractedDefender
View on GitHub
Collection of extracted Microsoft Defender data for security research purposes
☆238Jun 23, 2022Updated 3 years ago
zaddach / idallvm
View on GitHub
Plugin for IDA Pro to convert assembler to LLVM IR
☆20Nov 15, 2016Updated 9 years ago
wangda38 / vmShell_Protect
View on GitHub
☆21Feb 23, 2022Updated 4 years ago
expend20 / llvm-ob-passes
View on GitHub
☆19Oct 14, 2024Updated last year
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
xiaomagexiao / GameDll
View on GitHub
gamedll
☆10May 11, 2017Updated 9 years ago
kouzhudong / HidePort
View on GitHub
Hide Port In Windows
☆42Oct 24, 2024Updated last year
mmcloughlin / cpudb
View on GitHub
CPUID database derived from InstLatx64
☆15Feb 1, 2020Updated 6 years ago
mandiant / poisonplug-scatterbrain
View on GitHub
Deobfuscation library for PoisionPlug.SHADOW's ScatterBrain obfuscator
☆83Mar 14, 2025Updated last year
packgenome / PackGenome-Artifacts
View on GitHub
PackGenome: Automatically Generating Robust YARA Rules for Accurate Malware Packer Detection
☆30Dec 6, 2023Updated 2 years ago
ly4k / Impacket
View on GitHub
Modified version of Impacket to use dynamic NTLMv2 Challenge/Response
☆20Dec 26, 2022Updated 3 years ago
expend20 / DrSymLogger
View on GitHub
☆22Oct 18, 2023Updated 2 years ago
roadwy / SIGNATURE_TYPE_LUASTANDALONE
View on GitHub
Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm
☆16Jul 5, 2024Updated last year
ComodoSecurity / OpenEDRRules
View on GitHub
☆13Sep 22, 2022Updated 3 years ago
AI Agents on DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
two06 / CerealKiller
View on GitHub
.NET deserialization hunter
☆90Jul 21, 2024Updated last year
pinwhell / MSPDBX
View on GitHub
Lightweight PDB symbol parser and resolver
☆30Oct 28, 2024Updated last year
VergiliusProject / kernels-data
View on GitHub
Windows kernel PDB data parsed into YAML
☆44Nov 2, 2025Updated 7 months ago
MrAle98 / Sliver-CPPImplant2
View on GitHub
Sliver agent rewritten in C++
☆49Sep 4, 2024Updated last year
singlefreshBird / Rootkit
View on GitHub
Rookit and anti rookit on Windows platform
☆14Apr 30, 2024Updated 2 years ago
hfiref0x / WDExtract
View on GitHub
Extract Windows Defender database from vdm files and unpack it
☆488Apr 21, 2026Updated last month
LLVMParty / llvm-headers
View on GitHub
Easily search LLVM headers for all major versions!
☆19Sep 14, 2025Updated 9 months ago