DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
**DefenderCheck** is a Identifies the bytes that Microsoft Defender flags on. The project is written primarily in C#, distributed under the BSD 3-Clause "New" or "Revised" License license, first published in 2019. It has gained significant community traction with 2,613 stars and 477 forks on GitHub. Key topics include: csharp, evasion, research-tool.
DefenderCheck
Quick tool to help make evasion work a little bit easier.
Warning: As of the 1.337.157.0 Defender signature update, DefenderCheck is classified as VirTool:MSIL/BytzChk.C!MTB. As a workaround while I work to get around this, please disable Real-time Protection in Defender before compiling DefenderCheck.
Takes a binary as input and splits it until it pinpoints that exact byte that Microsoft Defender will flag on, and then prints those offending bytes to the screen. This can be helpful when trying to identify the specific bad pieces of code in your tool/payload.
Note: Defender must be enabled on your system, but the realtime protection and automatic sample submission features should be disabled.
Contributors
Showing top 1 contributor by commit count.
Related Repositories
jellyfin/jellyfin
The Free Software Media System - Server Backend & API
files-community/Files
A modern file manager that helps users organize their files and folders.
ShareX/ShareX
ShareX is a free and open-source application that enables users to capture or record any area of their screen with a single keystroke. It also supports uploading images, text, and various file types to a wide range of destinations.
doocs/leetcode
🔥LeetCode solutions in any programming language | 多种编程语言实现 LeetCode、《剑指 Offer(第 2 版)》、《程序员面试金典(第 6 版)》题解
DevToys-app/DevToys
A Swiss Army knife for developers.
AvaloniaUI/Avalonia
Develop Desktop, Embedded, Mobile and WebAssembly apps with C# and XAML. The future of .NET UI