
malice-plugins / windows-defender

Licence: other
Malice Windows Defender AntiVirus Plugin

Programming Languages

go
31211 projects - #10 most used programming language
Makefile
30231 projects
Dockerfile
14818 projects
shell
77523 projects

Projects that are alternatives of or similar to windows-defender

malice-av
Malice AntiVirus Plugins
Stars: ✭ 98 (+216.13%)
Mutual labels:  malware, antivirus, malice
Yobi
Yara Based Detection Engine for web browsers
Stars: ✭ 39 (+25.81%)
Mutual labels:  malware, antivirus
MalwareHashDB
Malware hashes for open source projects.
Stars: ✭ 31 (+0%)
Mutual labels:  malware, antivirus
Hacktheworld
An Python Script For Generating Payloads that Bypasses All Antivirus so far .
Stars: ✭ 527 (+1600%)
Mutual labels:  malware, antivirus
Defeat-Defender-V1.2
Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
Stars: ✭ 885 (+2754.84%)
Mutual labels:  malware, antivirus
fake-sandbox
👁‍🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
Stars: ✭ 110 (+254.84%)
Mutual labels:  malware, antivirus
Multiscanner
Modular file scanning/analysis framework
Stars: ✭ 494 (+1493.55%)
Mutual labels:  malware, antivirus
JustEvadeBro
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
Stars: ✭ 63 (+103.23%)
Mutual labels:  malware, antivirus
Php Malware Finder
Detect potentially malicious PHP files
Stars: ✭ 1,245 (+3916.13%)
Mutual labels:  malware, antivirus
Malice
VirusTotal Wanna Be - Now with 100% more Hipster
Stars: ✭ 1,253 (+3941.94%)
Mutual labels:  malware, antivirus
Green Hat Suite
Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.
Stars: ✭ 112 (+261.29%)
Mutual labels:  malware, antivirus
yara
Malice Yara Plugin
Stars: ✭ 27 (-12.9%)
Mutual labels:  malware, malice
Kicomav
KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.
Stars: ✭ 227 (+632.26%)
Mutual labels:  malware, antivirus
MSE
Malware sample exchange system and API intended for Anti-Virus companies and researchers.
Stars: ✭ 14 (-54.84%)
Mutual labels:  malware, antivirus
Batch-Antivirus
Batch Antivirus, a powerful antivirus suite written in batch with real-time protection and heuristical scanning.
Stars: ✭ 26 (-16.13%)
Mutual labels:  malware, antivirus
Phpmussel
PHP-based anti-virus anti-trojan anti-malware solution.
Stars: ✭ 337 (+987.1%)
Mutual labels:  malware, antivirus
IAT API
Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file.
Stars: ✭ 63 (+103.23%)
Mutual labels:  malware, antivirus
Owlyshield
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..
Stars: ✭ 281 (+806.45%)
Mutual labels:  malware, antivirus
Thefatrat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Stars: ✭ 5,944 (+19074.19%)
Mutual labels:  malware, antivirus
Ergo Pe Av
🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.
Stars: ✭ 130 (+319.35%)
Mutual labels:  malware, antivirus

windows-defender


Malice Windows Defender AntiVirus Plugin

This repository contains the Dockerfile that packages Windows Defender as the Malice plugin malice/windows-defender.


Dependencies

Installation

  1. Install Docker.
  2. Download trusted build from public docker store: docker pull malice/windows-defender

Usage

NOTICE ⚠️

Something has changed in the latest version of Docker (18.09.0) where we now need to run the container with our own seccomp profile (the seccomp.json file referenced below).

Without seccomp profile

docker run --init --rm malice/windows-defender EICAR

With seccomp profile

docker run --init --rm --security-opt seccomp=seccomp.json malice/windows-defender EICAR

Or link your own malware folder:

docker run --init --rm -v /path/to/malware:/malware malice/windows-defender FILE

Usage: windows-defender [OPTIONS] COMMAND [arg...]

Malice Windows Defender AntiVirus Plugin

Version: v0.1.0, BuildTime: 20180903

Author:
  blacktop - <https://github.com/blacktop>

Options:
  --verbose, -V          verbose output
  --table, -t            output as Markdown table
  --callback, -c         POST results to Malice webhook [$MALICE_ENDPOINT]
  --proxy, -x            proxy settings for Malice webhook endpoint [$MALICE_PROXY]
  --elasticsearch value  elasticsearch url for Malice to store results [$MALICE_ELASTICSEARCH_URL]
  --timeout value        malice plugin timeout (in seconds) (default: 60) [$MALICE_TIMEOUT]
  --help, -h             show help
  --version, -v          print the version

Commands:
  update  Update virus definitions
  web     Create a Windows Defender scan web service
  help    Shows a list of commands or help for one command

Run 'windows-defender COMMAND --help' for more information on a command.

This will write the scan result to stdout and, when --callback is set, POST it to the Malice results API webhook endpoint.

Sample Output

JSON

{
  "windows-defender": {
    "infected": true,
    "result": "Virus:DOS/EICAR_Test_File",
    "engine": "0.1.0",
    "updated": "20171112"
  }
}

Markdown

#### Windows Defender

| Infected | Result                    | Engine | Updated  |
| -------- | ------------------------- | ------ | -------- |
| true     | Virus:DOS/EICAR_Test_File | 0.1.0  | 20171112 |
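The JSON above is what a caller (a Malice webhook receiver, a CI gate, a scripted triage step) actually consumes. The following is an added example, not part of this repository or of Malice, showing how to parse that report fail-closed: a missing key, a wrong type or a truncated document raises instead of being read as "clean". It also renders the same Markdown table the --table flag prints (the "#### " heading level is an assumption) and reports how old the virus definitions are from the "updated" field, which is the check a defender wants before trusting a negative result. The sample report is copied from the page; the helper names are my own.

```python
import json
from datetime import date

# Constructed sample: the plugin's stdout for the EICAR test file,
# copied from the README's "Sample Output" section above.
SAMPLE_REPORT = """{
  "windows-defender": {
    "infected": true,
    "result": "Virus:DOS/EICAR_Test_File",
    "engine": "0.1.0",
    "updated": "20171112"
  }
}"""

PLUGIN_KEY = "windows-defender"
REQUIRED_FIELDS = ("infected", "result", "engine", "updated")


def parse_report(raw):
    """Parse the plugin's JSON output and return the inner result dict.

    Raises ValueError when the document is not shaped like the README
    sample, so a malformed or truncated report is never mistaken for a
    clean scan (fail closed).
    """
    doc = json.loads(raw)
    if not isinstance(doc, dict) or PLUGIN_KEY not in doc:
        raise ValueError("missing %r key" % PLUGIN_KEY)
    res = doc[PLUGIN_KEY]
    if not isinstance(res, dict):
        raise ValueError("%r must be an object" % PLUGIN_KEY)
    missing = [f for f in REQUIRED_FIELDS if f not in res]
    if missing:
        raise ValueError("missing fields: %s" % ", ".join(missing))
    if not isinstance(res["infected"], bool):
        raise ValueError("'infected' must be a boolean")
    return res


def to_markdown(res):
    """Render a parsed result as the Markdown table --table produces.

    The heading level ('#### ') is assumed, not taken from the page.
    """
    return "\n".join([
        "#### Windows Defender",
        "| Infected | Result | Engine | Updated |",
        "| --- | --- | --- | --- |",
        "| %s | %s | %s | %s |" % (
            str(res["infected"]).lower(), res["result"],
            res["engine"], res["updated"]),
    ])


def definitions_age_days(res, today_yyyymmdd):
    """Days between the report's 'updated' stamp (YYYYMMDD) and today.

    'today_yyyymmdd' is passed in rather than read from the clock so the
    function is deterministic; a caller would pass date.today().strftime(...).
    """
    def to_date(s):
        return date(int(s[0:4]), int(s[4:6]), int(s[6:8]))
    return (to_date(today_yyyymmdd) - to_date(res["updated"])).days


def verdict(raw, today_yyyymmdd, max_definition_age_days=7):
    """Return (infected, detection_name, definitions_stale).

    'definitions_stale' flags a negative result that should not be trusted
    because the engine's definitions are older than the allowed window.
    """
    res = parse_report(raw)
    stale = definitions_age_days(res, today_yyyymmdd) > max_definition_age_days
    name = res["result"] if res["infected"] else ""
    return res["infected"], name, stale


if __name__ == "__main__":
    print(to_markdown(parse_report(SAMPLE_REPORT)))
    print(verdict(SAMPLE_REPORT, "20171122"))
```

In a pipeline the raw string would come from the container's stdout (for example the `docker run ... FILE` invocation above); the point of routing it through `parse_report` is that a crashed or killed scan, which produces no well-formed report, surfaces as an error rather than as a file silently marked clean.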

Documentation

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.

CHANGELOG

See CHANGELOG.md

Contributing

See all contributors on GitHub.

Please update the CHANGELOG.md and submit a Pull Request on GitHub.

Credit

Made possible by the awesome work by @taviso

License

MIT Copyright (c) 2022 blacktop

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].