• 1
• 0
• 0

hfiref0x/WDExtract

Extract Windows Defender database from vdm files and unpack it

• 1
• 0
• 0

hfiref0x/hfiref0x.github.io

• 1
• 0
• 1

hfiref0x/Misc

Miscellaneous Code and Docs

• 1
• 0
• 0

hfiref0x/AuthHashCalc

Authenticode Hash Calculator for PE32/PE32+ files

• 1
• 0
• 0

hfiref0x/KDU

Kernel Driver Utility

• 1
• 0
• 0

hfiref0x/SyscallTables

Windows NT x64 Syscall tables

• 1
• 1
• 1

hfiref0x/LightFTP

Small x86-32/x64 FTP Server

• 1
• 0
• 1

hfiref0x/UACME

Defeating Windows User Account Control

• 1
• 0
• 0

hfiref0x/WinObjEx64

Windows Object Explorer 64-bit

• 1
• 0
• 0

hfiref0x/NtCall64

Windows NT x64 syscall fuzzer

• 1
• 0
• 0

hfiref0x/AR4FFC

Archive repository for fast fact-checks

• 1
• 0
• 0

hfiref0x/AsIo3Unlock

ASUSTeK AsIO3 I/O driver unlock

• 1
• 0
• 0

hfiref0x/MpEnum

Enumerate Windows Defender threat families and dump their names according category

• 1
• 0
• 0

hfiref0x/UPGDSED

Universal PatchGuard and Driver Signature Enforcement Disable

• 1
• 0
• 0

hfiref0x/al-khaser

(This is a fork used primarily to submit patches into upstream repository) Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

• 1
• 0
• 0

hfiref0x/pdbex

(This is a fork used primarily to submit patches into upstream repository) pdbex is a utility for reconstructing structures and unions from the PDB into compilable C headers

• 1
• 0
• 0

hfiref0x/ROCALL

ReactOS x86-32 syscall fuzzer

• 1
• 0
• 0

hfiref0x/BSODScreen

BSOD Screensaver

• 1
• 0
• 0

hfiref0x/TDL

Driver loader for bypassing Windows x64 Driver Signature Enforcement

• 1
• 0
• 0

hfiref0x/VBoxHardenedLoader

VirtualBox VM detection mitigation loader